General

  • Target

    71f1470119db8067e405edc2bec903a0_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-ce98ksfa93

  • MD5

    71f1470119db8067e405edc2bec903a0

  • SHA1

    602af999d7517e617dbd7a0ab92eddb813765c99

  • SHA256

    109771261381fdb063d705b116b12284bcbb53aeb7d761ee6a52505966055194

  • SHA512

    8f5054f68389c3a4d2e89f794f54101f1b15e0df779b5408fdc6ca9924186149271ccb2b91b69c044bfd052af226131fe8c84af4000c5867e8ded92435225cb6

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px73:n3C9uYA71kSMu08px73

Targets

    • Target

      71f1470119db8067e405edc2bec903a0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
