General

  • Target

    a2e6e46097ab26e58862d3cfb836f4f0_NeikiAnalytics.exe

  • Size

    394KB

  • Sample

    240518-g7qrvsfg3z

  • MD5

    a2e6e46097ab26e58862d3cfb836f4f0

  • SHA1

    62f1226a3e5574a369b298bb3495a85e2b3a0755

  • SHA256

    3ca482c4b8b0e279797aaaacb8fcb98c70c30c4007c7112d5389b95fd634c044

  • SHA512

    1a4a9460f217b4199353804277ba92992711c80654ed174befeeac4d4a9ae7c08b720cdf920bdbee8adfb3d71085d83569a3a7bdd0debd01696b36919bc057f9

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkobjcSbcY+CaQdaFOY4iGFYtRdu/6:n3C9ytvngQjZbz+xt4vFBy

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
