General

  • Target

    5fdf0f229757ed6a5865ae0e5d7fd970_NeikiAnalytics.exe

  • Size

    382KB

  • Sample

    240518-av1b7sbc6v

  • MD5

    5fdf0f229757ed6a5865ae0e5d7fd970

  • SHA1

    816ac8a811fb8318170a2ab897b42fbe2fd17f79

  • SHA256

    1180911b06ee1424ccd16cebb92b47d002e445558687b840f78eabecc4ec5b3f

  • SHA512

    dbe38cc7b7450d90457a8689c92bc126cec1b579deb4e45e87da68a29a686a54970d0c1c6979f9b9f9f8b3595127a40790467e7064daf3483e3ac462db048d46

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0IbswYT8:y4wFHoS3eFaKHpNKbbswe8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
