General

  • Target

    9274b29bc89882d7e9b8812c5e352590_NeikiAnalytics.exe

  • Size

    76KB

  • Sample

    240518-flmbwach44

  • MD5

    9274b29bc89882d7e9b8812c5e352590

  • SHA1

    84ef551d20e0f971a590a06487e38e76ecff4aa8

  • SHA256

    64ad3799520dd972ab8b9f13d9b43664494e7438d6cd1975fca3ad329164be53

  • SHA512

    7de06b5a885976ae18ab37bcf0d406069a7e50cfebbe6dbd4a52eecf61d9c22bf0b75990e4e18fe764cf137f26ea3de0597f659788ded7ccaf32050752ce1d68

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8gu3Gno9yvrjKz:ymb3NkkiQ3mdBjFo68t3Gno9Iu

Targets

    • Target

      9274b29bc89882d7e9b8812c5e352590_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
