General

  • Target

    769814ce9fd881814883d29a9d6b40e0_NeikiAnalytics.exe

  • Size

    55KB

  • Sample

    240518-cxf3fsga4z

  • MD5

    769814ce9fd881814883d29a9d6b40e0

  • SHA1

    fccf193f90e117d90a971bd3a441ec552c425fb2

  • SHA256

    7019806456b0d2f2d2b96661d19032b96433c8d207326dba30422ec78ba39aeb

  • SHA512

    a31af6be68b2d80e01bf9296304331d579cf3f42c86baabcc608ab1f02f2481be7c00672787c91ef237ea013cd3390d4309fcbb2b5c10fbceb229e7080f0c777

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFN:ymb3NkkiQ3mdBjFIFN

Malware Config

Targets

    • Target

      769814ce9fd881814883d29a9d6b40e0_NeikiAnalytics.exe

    • Size

      55KB

    • MD5

      769814ce9fd881814883d29a9d6b40e0

    • SHA1

      fccf193f90e117d90a971bd3a441ec552c425fb2

    • SHA256

      7019806456b0d2f2d2b96661d19032b96433c8d207326dba30422ec78ba39aeb

    • SHA512

      a31af6be68b2d80e01bf9296304331d579cf3f42c86baabcc608ab1f02f2481be7c00672787c91ef237ea013cd3390d4309fcbb2b5c10fbceb229e7080f0c777

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFN:ymb3NkkiQ3mdBjFIFN

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks