General

  • Target

    9819b0a739fa0139491dde07d997a680_NeikiAnalytics.exe

  • Size

    64KB

  • Sample

    240518-f6fptsdg3s

  • MD5

    9819b0a739fa0139491dde07d997a680

  • SHA1

    c67e0e7a8ebc0dd89c472a33886118c79543528f

  • SHA256

    4e4264479178b00198ebdcd93a5e6d92c2a24c808961f492ee9555982c79f976

  • SHA512

    b6a02fb23b228de5b702d73e716fdec548e385c63c0c6d325bfa10cf8659120c25cc7b8ca442b6c7938af4e6906c4187705483f5844240f91638450609ac11f9

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yUuYp+5C8+LuvdL:ymb3NkkiQ3mdBjF0yMlY

Targets

    • Target

      9819b0a739fa0139491dde07d997a680_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
