General

  • Target

    a1b174eee27b1da19240e54c5199d2f0_NeikiAnalytics.exe

  • Size

    106KB

  • Sample

    240518-g3qlasfe58

  • MD5

    a1b174eee27b1da19240e54c5199d2f0

  • SHA1

    38fa52f8d87214333eeb2a41fb485a1bef431919

  • SHA256

    a31242815ff470c5578bf6e79a2ffcce619e2d51a8da457e6b2e8425107724e2

  • SHA512

    0abb76c1526a826091a1fed9dc3b7d1d2a65c81eaa4c5b517bb531e8f9b5b41a3424824e90f67c2af88fc847c7b52ada621a38042cf95dd0eeba8ab8fb677479

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66krop7BcgJ:kcm4FmowdHoSphraHcp7yw

Targets

    • Target

      a1b174eee27b1da19240e54c5199d2f0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
