General

  • Target

    6f77349b58d20e4295209c9643aa7f10_NeikiAnalytics.exe

  • Size

    277KB

  • Sample

    240518-b812bsef7s

  • MD5

    6f77349b58d20e4295209c9643aa7f10

  • SHA1

    ae085f328ee98fb87ea775b2abf0e06f94117c05

  • SHA256

    5ed89e929d463af72fd814002d3c630204b47272b964230da9cede77aab62996

  • SHA512

    c34fb3aa36083292aca669eafa95468339da94edde68462d8bef5df277354b0d944a5b52a2062e79f02bb439e0067abe1d3d92d4fe66df606751eb670c983fb8

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7Vvemm:n3C9uYA71kSMuM

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
