General

  • Target

    5dba204df73601c53517a7bd848e1a20_NeikiAnalytics.exe

  • Size

    94KB

  • Sample

    240518-angxaaag74

  • MD5

    5dba204df73601c53517a7bd848e1a20

  • SHA1

    e3b2feb985bc81efe35b39da6021f7f86b25fdb5

  • SHA256

    3c1587886582f2c98bea7bf19318937747b1f0c30900f1694db3c7ff69aeaef4

  • SHA512

    697e4575f292b3c52f55fe37fa77aabbe5ed64b298d54a9e5d350fef52fa5ef1addd3174ffe4d3eba09df6e76830d4448741c5e96f904f0cfc170de1857d31ba

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDInWeNCYGyA2R7JxJAg8dtx6:ymb3NkkiQ3mdBjFIWeFGyAsJAg2x6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
