General

  • Target

    135fc4914e879247fd8951963012db10_NeikiAnalytics.exe

  • Size

    65KB

  • Sample

    240518-2dt8eabf82

  • MD5

    135fc4914e879247fd8951963012db10

  • SHA1

    066e34c413d54a9b4988b58957e64799c8f4d1ac

  • SHA256

    b2432b844c7a40263894904a48b2675c207c57bb23f5239fbb405b1628075c9b

  • SHA512

    2b0a039a3472fc82e10daf84ac6b2764557ab80e720d0a6c5a8163efd2eaf0d74fa2ab3c3ed41491e880acf4b9f31b947ff6d66383a1615433c993a871eab9a5

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6MTSqfQ:ymb3NkkiQ3mdBjFI4Vc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
