General

  • Target

    a29c23a7c7fdaab16e175c63399c94c0_NeikiAnalytics.exe

  • Size

    344KB

  • Sample

    240518-g6vdnafg32

  • MD5

    a29c23a7c7fdaab16e175c63399c94c0

  • SHA1

    56e634fc66647bc5ad00205818bccf0544bc0f3c

  • SHA256

    919b2a29aefdb252232ba8e98f46e795e881740c467da9f1d4d4553d643e29a6

  • SHA512

    7f992f7d59ca89b070c2c7513cf3faa484623f1d6b3c4a8fd871bb941ea68875703250fd463baf5f0a9d5c9948e725268cced12930e48de3e515eb768da7afa1

  • SSDEEP

    6144:n3C9BRo/AIX2MUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFhXjmnwJQyIq:n3C9uDnUXoSWlnwJv90aKToFqwfIBc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
