General

  • Target

    744a615120339636508815f6e1b40b10_NeikiAnalytics.exe

  • Size

    87KB

  • Sample

    240518-cmh43afe4t

  • MD5

    744a615120339636508815f6e1b40b10

  • SHA1

    3f73cc8fd1a605e3a7bb06432f4a9a06ce62fc14

  • SHA256

    e6af7513a61fa53adc220eb993f0205ab138fd0d21fec8cecc3c5828ad035d10

  • SHA512

    baf5c53ee4912765f6e4fda940c7f153e65b2957825bf2bb1e7c60a85a67bd0c2d1f0294bab2b30607a114f95df07d7f39ad1f3e05b14f8f01c0bdb306f616b5

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2wV3jaCJ5jH3e7O:ymb3NkkiQ3mdBjF+3TU2K3bJZXV

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
