General

  • Target

    8e3b7d05ba3602ac351230c12fa25130_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-e9ljtacc43

  • MD5

    8e3b7d05ba3602ac351230c12fa25130

  • SHA1

    2acabe473588b60ef07848bc80ada3f89d5f6f9c

  • SHA256

    fffe4ad264f172e3d8ccd5ed05de2c476068b375db5ff0878b93981c21aabb5f

  • SHA512

    4a76cc869b7545f506e017233efbae652f514462d99a94bef44b4e020e2a0a688f0d2d57b541ed90bc250458c8c5998430a516869aed7a50e09a791a41c31649

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBuT:n3C9ytvngQj429nnzeZhBC

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
