General

  • Target

    9857fc0218f57097048ac9520fa93720_NeikiAnalytics.exe

  • Size

    454KB

  • Sample

    240518-f64rnadh25

  • MD5

    9857fc0218f57097048ac9520fa93720

  • SHA1

    af3222643be17c8c1362032030e08c64756b02f7

  • SHA256

    9aac09671e25212075292d46daae5fce3f0bb90cc5d1334f405e21bbeec5a76c

  • SHA512

    be08447e9868a1b10902f8e527467a984221234c6d9ae7672d941a877534a368bdcec04706b7a933dd2f3ddc5f08063bd66a1b6a607824c299f0dd2f2e3d3677

  • SSDEEP

    12288:y4wFHoS3eFp3IDvSbh5nPYERAAUDCa4NYmKq9:HFp3lz1XUDCaGYmKq9

Targets

    • Target

      9857fc0218f57097048ac9520fa93720_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.