General

  • Target

    84466ac43b4575dde674e9aaf216ad00_NeikiAnalytics.exe

  • Size

    122KB

  • Sample

    240518-d7xcvsae25

  • MD5

    84466ac43b4575dde674e9aaf216ad00

  • SHA1

    eb64efa57ca3e30fbc6f984379a39db32f4a142b

  • SHA256

    ecc6f2a9b8dff8cb0ac127ae33dac08ec3e56e8ab28018fd4c27b32e5708ca85

  • SHA512

    f95a708c15fa1eb80eb919482fbcc2d6bea7dc737fb900c9b771b435738fde869e8cd3d04d97c72595983f1f3ab38fea016652fd411ee83f5c433507effe9f9e

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afoHvmQ+EZMYX90Ifcmp:n3C9BRW0j/uVEZFmIk+

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
