General

  • Target

    9674d4d3cbb7b8396954de0edf65b400_NeikiAnalytics.exe

  • Size

    93KB

  • Sample

    240518-f1tz9sdf28

  • MD5

    9674d4d3cbb7b8396954de0edf65b400

  • SHA1

    f85223e74c66005033d4c29d1cf6606800226a7d

  • SHA256

    aeeab9a240b8229b277df650f5588a838cc15d9507b20458aff330ff0cd96efd

  • SHA512

    4cfd9e8c59a63182f407470d98fc67a9d00d605aa194034e31907380fcedbbd2a35bb957db1211cc5b416d389985d4188ddbb6649386bff9816b6f6c4bfc0d4b

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDInWeNCYGyA2R7JxJAg8dtm:ymb3NkkiQ3mdBjFIWeFGyAsJAg2m

Targets

    • Target

      9674d4d3cbb7b8396954de0edf65b400_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
