General

  • Target

    a23635fd34c3e0832c2af0cd303a8500_NeikiAnalytics.exe

  • Size

    453KB

  • Sample

    240518-g5l1wsff63

  • MD5

    a23635fd34c3e0832c2af0cd303a8500

  • SHA1

    f5dc9d6284d2991ee7e68918f0c3a28dc7320a50

  • SHA256

    20d6d34f7f315bfe0b81365f99db2f8d9d7b84d4fbb39f6a00b48bc44e5dcbdc

  • SHA512

    47870d540fc12a43af31f647dd00c7b74502e33fdec1f48f90b5bf8d625af1f1f5408db7f5d8d7ac49c93daf8d88f2651a7f211339c241a8ea3178a1d8f8899f

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNms:x4wFHoS3eFaKHpv/VycgE81lgv

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
