General

  • Target

    594938fc5fb09ffef66faa29f281e840_NeikiAnalytics.exe

  • Size

    65KB

  • Sample

    240518-abhytaaa89

  • MD5

    594938fc5fb09ffef66faa29f281e840

  • SHA1

    7176b98eaa78e0e837ff19fc6cf5986bce20cc0f

  • SHA256

    c564d3dd22d8d0ebe64bc0f5dc78f04798c307d2ae7490327f604efe5346f7ca

  • SHA512

    aa95a48d67728c043c03d5a93cd7139733b534079404886c04f4331a66fc6cd8d006b02d8e3ffb2f246b861924ad5822d736a224227651ec52fec2975a324d29

  • SSDEEP

    1536:kvQBeOGtrYS3srx93UBWfwC6Ggnouy8p5yAXN8dI4I9c1CLcxdw/j:khOmTsF93UYfwC6GIoutpYHrgow/j

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
