General

  • Target

    930cf121a1815da67834d8ebac9fd130_NeikiAnalytics.exe

  • Size

    74KB

  • Sample

    240518-fm95bsda25

  • MD5

    930cf121a1815da67834d8ebac9fd130

  • SHA1

    46f04b84f4705f258d23e37fda3d1f956a47b5b4

  • SHA256

    8c94d5b30da6dbbbb2025dc9b1b3e17510ed097bf65654c72e5f4a31560d7783

  • SHA512

    00d9a850b83d640fea2974eb28c9fd863c039ab38de8d79516f6cf98360fd3a34a522d420a71a77251b06af5c4630494560488af9678246252ae301dd5f14e83

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIpWCz+FR4RzWqC5pd:ymb3NkkiQ3mdBjFIsIpZ+R4RzWqC5

Malware Config

Targets

    • Target

      930cf121a1815da67834d8ebac9fd130_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
