General

  • Target

    931ae41595cb4dab67de86a6f9420050_NeikiAnalytics.exe

  • Size

    334KB

  • Sample

    240518-fnhfpsda36

  • MD5

    931ae41595cb4dab67de86a6f9420050

  • SHA1

    fca5025dc9dcbff5c34540ef6d5166aaf7f3ece5

  • SHA256

    b61b3c2dea7b2bcb8e1434131299f2cf50cd097e326d7b718302872a5f62438e

  • SHA512

    d44d97440b4f3c05186791cf6b08072f58201819ec54666511ac340bad29f0bba26c97db759e1ab749d292bb717a8ec25ee5b6ffc055397f1510130d86825327

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/m:x4wFHoS3eFaKHpv/VycgE8om

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
