General

  • Target

    714c40528343351a03ab0f05d0720120_NeikiAnalytics.exe

  • Size

    63KB

  • Sample

    240518-cd1yhsfa27

  • MD5

    714c40528343351a03ab0f05d0720120

  • SHA1

    7f7a9668ca198c8524175a3feb08ebd4f5f1db1d

  • SHA256

    2f023acfb75011d8696b1e827e326c25c9c157fafe3e45eb600c68f6fab8e345

  • SHA512

    6e7833583c27b2627eb0c4ed8990623731962d6263320a257df0d48bda1cdaa3ad129fc6563684d92756cc7e9fbd496c0664ba769a55d331f37817be1dd37ced

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIhJm/wg:ymb3NkkiQ3mdBjFILm3

Targets

    • Target

      714c40528343351a03ab0f05d0720120_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
