General

  • Target

    9612e532a5ef87f62accf127b2b1b060_NeikiAnalytics.exe

  • Size

    224KB

  • Sample

    240518-fyr3wsdd8v

  • MD5

    9612e532a5ef87f62accf127b2b1b060

  • SHA1

    c84d9eb961139bb7f4d70b9ce3fc3dccc0bde06d

  • SHA256

    7ba1fd9f8e031f420d0298b3801f88a0eaa0bd510a456bb9caf8920304a38c4b

  • SHA512

    4866f06e71883855fc3265ca4286712ff1e0598a11587dc0fde6f550f9a60e9782a5d9b0baf4b7f516912c9e124ca8003c46e859e815db212056eefc07221da0

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLjBQEY:n3C9BRo7MlrWKo+lxKw

Malware Config

Targets

    • Target

      9612e532a5ef87f62accf127b2b1b060_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks