General

  • Target

    6125a89abada25f84b095af9dcd5a5a0_NeikiAnalytics.exe

  • Size

    81KB

  • Sample

    240518-az5gqabe8t

  • MD5

    6125a89abada25f84b095af9dcd5a5a0

  • SHA1

    3e59ab55caf26582f9603a2fce076a0fe078e818

  • SHA256

    0cb8a35ed4a8b7e3f636f777213464817d4ea3ab16b46824a38705c90b73eee5

  • SHA512

    6a4c85682ba19af2724eb11efa0639cd0c42bd2127e398265c7e170048ae9da764111ab3bec9be31f5251f73798fbc8932edd3eb371453c2e57e4760e4ce8dd2

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6T7QiU:zhOmTsF93UYfwC6GIoutiTU2HVS63QiU

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
