General

  • Target

    616e39eebc19100f316931f4b8b72530_NeikiAnalytics.exe

  • Size

    141KB

  • Sample

    240518-a1z9dsbe95

  • MD5

    616e39eebc19100f316931f4b8b72530

  • SHA1

    183efac39963658ebb1f3d04cdd298e8344c68fa

  • SHA256

    ae6393f4270e864614010a2d2c04ab497350e183515c2c76bac8ba9625750e57

  • SHA512

    ef0458b95541c5bc14e4a8ead43d5e2c5a1c75403222565c970e935350dc9c03e48a28fb8b5e4e03b020e76e5aac40caf783e07dc4b564ad876d710a34aa4547

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmm8mzuFli55p15/:n3C9BRIG0asYFm71mm8fliZ

Targets

    • Target

      616e39eebc19100f316931f4b8b72530_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
