General

  • Target

    96e2594002e1f5254861d406f4b15600_NeikiAnalytics.exe

  • Size

    63KB

  • Sample

    240518-f293wadf78

  • MD5

    96e2594002e1f5254861d406f4b15600

  • SHA1

    8d0219c9ebf34fb2e1784b29acf86be6be317f6d

  • SHA256

    a9191fb7ea3a723f6b84e068d2a4d4379c4154f7bad9157d9856075f593ed139

  • SHA512

    3cb78daf4305ab7aaaeedc8994ccc2725faf1255759729a7799fb48b2aed8376a859ec9cf9a359ad54359b7eb85d506549fc6e578f287fba5037f09acdb3e84a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6Mu/ePS3AX:ymb3NkkiQ3mdBjFI46TQX

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
