General

  • Target

    9634048b0ff2c0ad4e35b19d51603070_NeikiAnalytics.exe

  • Size

    227KB

  • Sample

    240518-fzetysde62

  • MD5

    9634048b0ff2c0ad4e35b19d51603070

  • SHA1

    8883f34d9ee7ad817842ecaab9fb71001daa9d71

  • SHA256

    327b1bd3af160bc9f04037c6470f48be546c4c12695c74ea8544123b08fec68a

  • SHA512

    2760b19285d203cb5d5c81747b99e29af028f35b907a931ad432f3ef50c97c9c19a515cea47ab5863815aa4e1d66586fb89c07453a12e6e3f401910932ed28ce

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLn/c1f:n3C9BRo7MlrWKo+lxKk1f

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
