General

  • Target

    72deea551ac5f5394662913e716a4c10_NeikiAnalytics.exe

  • Size

    334KB

  • Sample

    240518-cg45cafb88

  • MD5

    72deea551ac5f5394662913e716a4c10

  • SHA1

    491aa577465afbda9c13dc065edbcdfd27ee4169

  • SHA256

    336d9215a425bccee3e606d0894018e4723587c1d4d06f7fdfc52a1ba3afeefd

  • SHA512

    dfb1ed6aa225bca4a888c064ff2492663cfb79b7aad37e489fa5cd535b99a0e4a971b221366b50f84ea3aa87cff3ad76a4a8fae87297a8dccf9d67b673c762c8

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/v:x4wFHoS3eFaKHpv/VycgE8ov

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.
