General

  • Target

    57862a02a2952d106590faf741d17330_NeikiAnalytics.exe

  • Size

    382KB

  • Sample

    240517-3x8etahg67

  • MD5

    57862a02a2952d106590faf741d17330

  • SHA1

    1a3d5ca88fbb6dee5c90554641f58ff78a955a9c

  • SHA256

    27789c7892aada8f1a39dcd8a987159858e82c1f84114926437cf1318cd03288

  • SHA512

    302f58ae99e3c07d73c67ac9be3b75a5224d4276f26219576a41fe8854320b2f9a77e42f32358158c23abe6f885a97f49365abc02278da8996b126726a26f978

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHqL3yeHmlwe+axBcot39vUDbYhzod00:n3C9BRo7tvnJ99T/KZEL3c5BTkPXKps

Targets

    • Target

      57862a02a2952d106590faf741d17330_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
