General

  • Target

    6f43bb279b2fa1cd58aa3da140b6f4d0_NeikiAnalytics.exe

  • Size

    339KB

  • Sample

    240518-b8nq1aef28

  • MD5

    6f43bb279b2fa1cd58aa3da140b6f4d0

  • SHA1

    64e3020c8cfe110390c92ecee08f699201250434

  • SHA256

    3da44179e2a1a009919fe2234fd3e545565fee8a3f26f8d2895ef37dae432251

  • SHA512

    8a9627e9419ef6b1dff221f97b5e0dc066cdf549d261ea1b661661e457d3e2b1e1816343f30e0888fa8730ab010d720c743a6aa677b9f498475a8ff52b4f039c

  • SSDEEP

    3072:9hOmTsF93UYfwC6GIoutz5yLpcgDE4JBHNgu5ex1B2OkEv0KvmhNi7:9cm4FmowdHoS4BtguSPKyH7

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
