General

  • Target

    59b8edc35bc881251fe3d4af246e1f30_NeikiAnalytics.exe

  • Size

    255KB

  • Sample

    240518-acjazaab57

  • MD5

    59b8edc35bc881251fe3d4af246e1f30

  • SHA1

    9f8a52894f48f15d0e192344a932c9e7cd2107ef

  • SHA256

    20243f669ed11c02d876206a2620ca7bc90dbf6158531dbcf0d1daa900b6f293

  • SHA512

    ca04eac35f8ad7f82565c50701563b2f133b1ec39a6a847d37d26320fa6f1743c95c5f7d27f4b6db45c8e1b7398fc186a392e024570eeb7dba37592b958de032

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpolTjZXvEQo9dfrr:y4wFHoS3eFaKHpKT9XvEhdfrr

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
