General

  • Target

    7063a42f0ec2179e092d6d1f59f96e20_NeikiAnalytics.exe

  • Size

    185KB

  • Sample

    240518-ca78eseh2x

  • MD5

    7063a42f0ec2179e092d6d1f59f96e20

  • SHA1

    1b36dfde9cc4f12bdb430954f127f8905c6dd2de

  • SHA256

    1e5a044cf6d4ea6e23ece26c7637cea1787116468d58b9fe917c2fbfd2c50f65

  • SHA512

    c218ecaa29588feba06e90720196821fb420333861f6b8c1a13abceff9ce75a67266af1db5161057e2b9d9409f2c3433c4fb784592e041a774cab3ae61a90ae1

  • SSDEEP

    3072:3hOmTsF93UYfwC6GIoutw8YcvrqrE66kropO6BWlPFH4tw1D43eML:3cm4FmowdHoSzhraHcpOFltH4twl43vL

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
