General

  • Target

    72bd232b15842fe948bdaaa030c6f0d0_NeikiAnalytics.exe

  • Size

    62KB

  • Sample

    240518-cgr5safb76

  • MD5

    72bd232b15842fe948bdaaa030c6f0d0

  • SHA1

    d95f13689ea598be4383ec5d9ec951ac08ebab87

  • SHA256

    b0b43972242b3f442ab9e2bcd819c4ddbda0e5a99c2880716478b27d14502ebd

  • SHA512

    50a5d03841e3f17cbaa881c4e9c918b38a3787a5169f976573ae4d1a7e69e905eaa0239e254cd22767938481966cf5d279b7fa65677d3d5bfa765bad00e18bfa

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAxRcNoOs:ymb3NkkiQ3mdBjFoJyOs

Targets

    • Target

      72bd232b15842fe948bdaaa030c6f0d0_NeikiAnalytics.exe

    • Size

      62KB

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
