General

  • Target

    71198a5861979a82b638a73d9443a220_NeikiAnalytics.exe

  • Size

    66KB

  • Sample

    240518-cdf84seh87

  • MD5

    71198a5861979a82b638a73d9443a220

  • SHA1

    da4f0d3a538de6bdede428951597a213df6633e1

  • SHA256

    420f444e9baf5ab249b68e8d0d758fab89fe09d4f9d00209dd42f2e4fede3293

  • SHA512

    211e21ec58fdc826d90ca28bf3242a3586fa18ea0cad319fcbc1ef67028adeac7a119dbbcd35a0e2a4326b3ae7362f8dcb447d1d74ae50f3a5e77b14cd3d8346

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6Mu/ePS3AyXmc3:ymb3NkkiQ3mdBjFI46TQyXmc3

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
