General

  • Target

    a28f8b1b77c473d40cbd24126057c790_NeikiAnalytics.exe

  • Size

    401KB

  • Sample

    240518-g6mntafg28

  • MD5

    a28f8b1b77c473d40cbd24126057c790

  • SHA1

    ddebcc4087b10b9f22dd66b0ab8e50f634342725

  • SHA256

    84e5f90c2df0a0a9672eeeeae569ecd3a1e4e86089917a65dc9ca78bbc7738a9

  • SHA512

    837f8d665ffd28d06efd75df6cb17672e68c93ecbed5d80b1dea45ec9b55628e9fd44579a0e22e285a323440161cace55ce4d84abf9ee43844c2ee23de9078f3

  • SSDEEP

    6144:kcm4FmowdHoSph3Ymu8wdHoSM05d34iWRbzami3e:y4wFHoS3zuxHoSTd34iWRhiu

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
