General

  • Target

    5b541d6504828f789e0faf085e3eecc0_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-ag12ksad72

  • MD5

    5b541d6504828f789e0faf085e3eecc0

  • SHA1

    3a21a2fa1a8a5c40c2cf185a287c5e3d4989468b

  • SHA256

    e5b1071d1182f435413023278a7a2d76058a3ae807dcb5de97a10643b3fccae3

  • SHA512

    d401eb595aad0235691e6c5293745fcc9806aaab79ce3395663ffff537811e02d92bb02f87d7069cd991050fd1e6ad3a502955a598d4795a37a514a0709edf44

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px73:n3C9uYA71kSMu08px73

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
