General

  • Target

    60935a0ec108ddbbdd9348178b675430_NeikiAnalytics.exe

  • Size

    71KB

  • Sample

    240518-axztfsbd46

  • MD5

    60935a0ec108ddbbdd9348178b675430

  • SHA1

    b561ef26cb8a1564ae3fc78006a92a41cc7b64fd

  • SHA256

    060ca2c233bb8c6b1fe5c1d7e89141318f46cf60e1e8c1317225e999411adae1

  • SHA512

    a24c98512360f3075f31c946b8667a086c06216edc69a66154ce429b0964c469a4d96e336351a0931177ec831b7c36738eea0591f2995405f8ad4cb87032e5cf

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73tgyYrzxXPm:ymb3NkkiQ3mdBjFo73thYpXO

Targets

    • Target

      60935a0ec108ddbbdd9348178b675430_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
