General

  • Target

    a14c6ca278e42faaeefdffe8d4a21950_NeikiAnalytics.exe

  • Size

    140KB

  • Sample

    240518-g2p85sfd5v

  • MD5

    a14c6ca278e42faaeefdffe8d4a21950

  • SHA1

    32ab2cb04f3e23e2af6c31c66859cc82b29aa03d

  • SHA256

    f3f178b342fde0b43c905b90880ce4d82096905c7f9fd6b4905923d706fac7d3

  • SHA512

    a56b12146c447b0a8807aca22634ace83e08b60f200b317cba42d44d0798a93db22b850784a028c5077fe8e9266afbd2c528f4aecb28140f3f4fc8b446690dfe

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgyek1f:n3C9BRomRph+0GsgyeYf

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
