General

  • Target

    a12e352e8cd27ff7da407d3b0b79f370_NeikiAnalytics.exe

  • Size

    69KB

  • Sample

    240518-g11ngsfd58

  • MD5

    a12e352e8cd27ff7da407d3b0b79f370

  • SHA1

    b830ce40672c1d1442c194aaa8fbda07290b93e3

  • SHA256

    476c9a1faa2aef960e233a96ef6f703cf210d60217e23e8eee57d18f4a67b5a5

  • SHA512

    1ee3e452b0a9d505b6e0a7b4698df45195a956126d707feab3dbf3d8b2eef5a706400c15dc335c026c92f516be3eb3440184f55634eeda59623e123fa8f28bba

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yUwcsbY/7:ymb3NkkiQ3mdBjF0yjcsMz

Targets

    • Target

      a12e352e8cd27ff7da407d3b0b79f370_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
