General

  • Target

    5f8026f94e9d53e37c09f3384bd76060_NeikiAnalytics.exe

  • Size

    56KB

  • Sample

    240518-at25eabb9z

  • MD5

    5f8026f94e9d53e37c09f3384bd76060

  • SHA1

    29957b9c0356c93c9939fa5742e6ca16e501773b

  • SHA256

    7abfaf9d56f4c815226dc2408f4fa0ea23924ae453ca893a919c70fae97485e1

  • SHA512

    2531c48f25509c58e5f2e18608d3ac57a5db164bed1ab0f992211408750618579cf0089d8d9a1d0d0f01ad6024f94af65c7a03549399aa179cdc54b75fe18b63

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVnZ:ymb3NkkiQ3mdBjF0crZ

Malware Config

Targets

    • Target

      5f8026f94e9d53e37c09f3384bd76060_NeikiAnalytics.exe

    • Size

      56KB

    • MD5

      5f8026f94e9d53e37c09f3384bd76060

    • SHA1

      29957b9c0356c93c9939fa5742e6ca16e501773b

    • SHA256

      7abfaf9d56f4c815226dc2408f4fa0ea23924ae453ca893a919c70fae97485e1

    • SHA512

      2531c48f25509c58e5f2e18608d3ac57a5db164bed1ab0f992211408750618579cf0089d8d9a1d0d0f01ad6024f94af65c7a03549399aa179cdc54b75fe18b63

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVnZ:ymb3NkkiQ3mdBjF0crZ

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks