General

  • Target

    5f9d305a8929e94f9a4f3c2ce3a90db0_NeikiAnalytics.exe

  • Size

    277KB

  • Sample

    240518-aveeqsbc3t

  • MD5

    5f9d305a8929e94f9a4f3c2ce3a90db0

  • SHA1

    181f0ec2d82f83287772e0d15c3c8d086fd0676b

  • SHA256

    7aee110de9a4a462c82198b68bbe3baf31045740282525d10f53a516dbbeb493

  • SHA512

    50879dabe26ddc8cb68db6fa01a5e5be66f312ab97d6930440a8c112177601fe7f78c7c735b03142f404da53589770e7c148b34620075e258270b9ca34920e60

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7VvemA:n3C9uYA71kSMua

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
