General

  • Target

    779d28321f64630cd32f27f917229420_NeikiAnalytics.exe

  • Size

    90KB

  • Sample

    240518-c1jyhsgb97

  • MD5

    779d28321f64630cd32f27f917229420

  • SHA1

    b534038ffb320faee0b764d1dbfc9f5b273199d9

  • SHA256

    e25a86193ea03bfee1cdacd0131222990b5606a7e8927e13b0cbb8d99849dccd

  • SHA512

    2d3adceee0ce6552bf459ac6c2b997047f0de92aee437db57fd2628d25ac62530cb583216d562024e9b22f72eb8645d664b0e17cd63343d9b204366cf7bab305

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWp7:8hOmTsF93UYfwC6GIout0fmCiiiXA6m1

Targets

    • Target

      779d28321f64630cd32f27f917229420_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
