General

  • Target

    74ec9aff4e8d5587a0c0e73ad4930030_NeikiAnalytics.exe

  • Size

    78KB

  • Sample

    240518-cp45baff4x

  • MD5

    74ec9aff4e8d5587a0c0e73ad4930030

  • SHA1

    55579adb863243761b5e420270223a3f64b20df8

  • SHA256

    fb2ceb0b29e52b31c6c2262d10777a4cb743745d66367fd040ad6987a19af2ab

  • SHA512

    7f61b315dbfd16c0689d69b2927407db22b0237d5b939acde6f547ac140317e5ab6eaaeba9b2b2306e0dac45ea9b70fb6ec712da72f053877c9a815bc5a990a3

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIjaQkPcy8WTeAwHWkDLn2:ymb3NkkiQ3mdBjFIpkPcy8qsHjDD2

Malware Config

Targets

    • Target

      74ec9aff4e8d5587a0c0e73ad4930030_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks