General

  • Target

    5ad5d8772ed6de609cda84d498893ff0_NeikiAnalytics.exe

  • Size

    183KB

  • Sample

    240518-afsntaad26

  • MD5

    5ad5d8772ed6de609cda84d498893ff0

  • SHA1

    5de76202bfc9cce7975c884237ba5a993503e627

  • SHA256

    1b84d766587542b7391cd8d715a9c0753b0fe1d9af43b2930cb4383e9f070f52

  • SHA512

    d43a2b69d7100a51f44533c000e36dcaf34e94c170f9be19e3d908c863e5eb7d2b8c1c5a41f76b596a3622d48ed9f673b4011c42a47513aaeee2b18b4264471b

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+EMdbj:PhOm2sI93UufdC67ciJTWMdbj

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
