General

  • Target

    7222f1aa55b8a044a627ce86ed7f2350_NeikiAnalytics.exe

  • Size

    62KB

  • Sample

    240518-cfhvqafb61

  • MD5

    7222f1aa55b8a044a627ce86ed7f2350

  • SHA1

    48fd95096cc1cd965b1269ae8424fea59d366c55

  • SHA256

    d377455089a9c833d22917e918cf9906ac3f90cf9500a048843f2204c519ed58

  • SHA512

    8c1f6959a4113ad8db32c98b522f49779f125916cdab75e428c034b1cdb46f81e73a977a57a9e1d0f8d33cf891fd5fe4a61ae911ebcce9c6f1ec4366c02364c1

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+EMdb:zhOmTsF93UYfwC6GIoutiTWMdb

Targets

    • Target

      7222f1aa55b8a044a627ce86ed7f2350_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
