General

  • Target

    7002238cd505fef34f6cbc5055855f30_NeikiAnalytics.exe

  • Size

    74KB

  • Sample

    240518-b9373sef96

  • MD5

    7002238cd505fef34f6cbc5055855f30

  • SHA1

    49c2669f3931dff9525d18b8b708aa6e3eb85e72

  • SHA256

    4c57d002564337270a3609e50e4f04be513497245308ae6ae840672ee62de9db

  • SHA512

    e0d3e538e9b8a67ea8797dc8c58b17081e32a03cf6bc81c895d000ab2d8ffe4a4be4befeedf59ccf27ba813e3253cdfd2331d933d5e6a650b7225b383cdfb8ef

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIrmCeRMKeWqNSZ0:ymb3NkkiQ3mdBjFIjek5B

Malware Config

Targets

    • Target

      7002238cd505fef34f6cbc5055855f30_NeikiAnalytics.exe

    • Size

      74KB

    • MD5

      7002238cd505fef34f6cbc5055855f30

    • SHA1

      49c2669f3931dff9525d18b8b708aa6e3eb85e72

    • SHA256

      4c57d002564337270a3609e50e4f04be513497245308ae6ae840672ee62de9db

    • SHA512

      e0d3e538e9b8a67ea8797dc8c58b17081e32a03cf6bc81c895d000ab2d8ffe4a4be4befeedf59ccf27ba813e3253cdfd2331d933d5e6a650b7225b383cdfb8ef

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIrmCeRMKeWqNSZ0:ymb3NkkiQ3mdBjFIjek5B

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks