General

  • Target

    9915e81d78a39a738d5ee90978dbeb40_NeikiAnalytics.exe

  • Size

    255KB

  • Sample

    240518-f8sgeadh89

  • MD5

    9915e81d78a39a738d5ee90978dbeb40

  • SHA1

    f7ba0479f293c11d21fce8a35e3e14640b4837de

  • SHA256

    f2ccbf499052f1a672cbd043cf0bf09e509fe2848988a0f780745b42b8c333da

  • SHA512

    1f3c74f549fa9a20ba88f7ee7a33bd15f8d8911628988e52ad44fc815e47c54fae960c0074019a98c4ef1212400409a75a929272c4d55f86a6b30af4ee524ee3

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpolTjZXvEQo9dfr6:y4wFHoS3eFaKHpKT9XvEhdfr6

Targets

    • Target

      9915e81d78a39a738d5ee90978dbeb40_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
