General

  • Target

    5fabc9037a100cbc6d183c1f11f4f7f0_NeikiAnalytics.exe

  • Size

    254KB

  • Sample

    240518-avlh2sbc4v

  • MD5

    5fabc9037a100cbc6d183c1f11f4f7f0

  • SHA1

    a636501ad98760438fd43d48b509bb8174777d73

  • SHA256

    d97bd71cf8ca7a2f2a62d27f0cf24185636898fc31064076c879fee21eb15a08

  • SHA512

    c75394cab12f0b29e3ce4dd8f8a0b0b5002246656766f95ed185ccaf0def7541c0c31cddcf95585baf9a339ddac193c504b34f2eeed352c4040f4dcfe302082f

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpolTjZXvEQo9dfrd:y4wFHoS3eFaKHpKT9XvEhdfrd

Targets

    • Target

      5fabc9037a100cbc6d183c1f11f4f7f0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
