General

  • Target

    9974617d371b604d9fe8bc0dd9ff6ca0_NeikiAnalytics.exe

  • Size

    487KB

  • Sample

    240518-f9njvadh5x

  • MD5

    9974617d371b604d9fe8bc0dd9ff6ca0

  • SHA1

    74f8ec68c492036fc29483d1e339befc8f2f1520

  • SHA256

    6767469c741fdb4530c4750b45ceb72291082cdc0c3315cd7ebc850544fbe68d

  • SHA512

    0d6806fa8a3f121a360e9a5dedf5c1d9daf6c7f2e3ba6e266a1d3994984d21173b0167ad4126994a57116b04e09eee26362640c472991140c875409770a76ed8

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkUo7tvnJ9oH0IiVByq9CPobNVY:n3C9ytvngQjgtvngSV3CPobNVY

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
