General

  • Target

    76e386fca6d0f246658f50720a81c7f0_NeikiAnalytics.exe

  • Size

    267KB

  • Sample

    240518-cymxdsgb3s

  • MD5

    76e386fca6d0f246658f50720a81c7f0

  • SHA1

    dec86860fa9504c6cab1eddd8d28bd556db6179c

  • SHA256

    087158b469f73ac11e72a032d8776af85b7bb5905392f1d8bf111483f009e6f5

  • SHA512

    e8f3d94f64463b7080da493c5d5c4eb7a345035acdff24012e95657a256684259c322fe5172fee4a14966c48736b8ffc305de599c346fb796cca31a935e10733

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmPzTkV2y/QTa9RBZydZbf83pnzgmmIMz:n3C9BRIG0asYFm71mPfkVB8dKwaWj

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
