General

  • Target

    7031ac1d1eafc40ecb31d99caa517fa0_NeikiAnalytics.exe

  • Size

    68KB

  • Sample

    240518-caqndaeg7y

  • MD5

    7031ac1d1eafc40ecb31d99caa517fa0

  • SHA1

    9504e41a1bda1b22e5ba0ab4cae2cbfc718174a6

  • SHA256

    8a87dea92fb08d36e1ae3865760662236d819fe2e655a486f2d40778f85ad186

  • SHA512

    833f293f082bfcea49945df9e4f434e2a7d3fce5cd2f313b8904f0fff6cf1d13f1d269b8dbc4bb7cf8f8b9ad5ee5280f558fedf8243270afd92614909eb423f6

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvuzk358nLA89u:ymb3NkkiQ3mdBjFIvl358nLA89u

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
