General

  • Target

    9771563707e1090ab0e6e044587b5b90_NeikiAnalytics.exe

  • Size

    441KB

  • Sample

    240518-f363lsdf99

  • MD5

    9771563707e1090ab0e6e044587b5b90

  • SHA1

    8af6a2b7d962e31a170a299db2d6fa303c21806d

  • SHA256

    95b1dae5479a0d13b930aaff9eb95d1e43d2f22f10fafa0f0f9e7c06d273a3a3

  • SHA512

    fc3b9db9e21496428dd2547c89f85ef5641bd32a2ea0e8bd05bc912efb5954b0893411446b0c10f10dc4acc2353c229f2471f95d59d3da7e72a3f1726dc238af

  • SSDEEP

    12288:M4wFHoSpg4wFHonR/nPF2LnFL4wF04wFK4wFK4wluC:UrR/nPV

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
