General

  • Target

    949be3514588403dfe89569dffb483f0_NeikiAnalytics.exe

  • Size

    520KB

  • Sample

    240518-ftgrcsdc46

  • MD5

    949be3514588403dfe89569dffb483f0

  • SHA1

    678e099f51811a471e8a21847afc0a0ddee7895d

  • SHA256

    f839b4c6b43faf339960dc8519bee906ba91e01037d65405c18079e009ed679c

  • SHA512

    6b356b7e74ab4c82497d07b3f5a057b4e4b0c431394f5df29aa81c96ccb069639307a4db6f8dba028ccac9bd73f28d9cda5b07b3b3c01e492a909ac642e8cad5

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2CfNnkymTwaJ3o89H3G:q7Tc2NYHUrAwfMHNnpls4892

Targets

    • Target

      949be3514588403dfe89569dffb483f0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
