General

  • Target

    90c265c8c51b35a28b063a18c6009630_NeikiAnalytics.exe

  • Size

    386KB

  • Sample

    240518-fgdtyace7x

  • MD5

    90c265c8c51b35a28b063a18c6009630

  • SHA1

    29967c5b848715e0f62a81bb896fb4c1c9b7a222

  • SHA256

    ba7c451b0e05eedb123aa06adca9b85d67369f22f89f1aecfe9ce666f3fda527

  • SHA512

    053f44c521caef261786b6530f734867085eff024fc775afcf351dbe147dcecf0af0ddbe0098ae90ab3098ff090c4516aad9cd51572867a495a20b733e705d18

  • SSDEEP

    6144:n3C9BRIG0asYFm71mPfkVB8dKwaO5CVwthW:n3C9uYA7okVqdKwaO5CVMhW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
