General

  • Target

    a315d467fec6f3537a0b07a398a5dc40_NeikiAnalytics.exe

  • Size

    60KB

  • Sample

    240518-g8paesfg7v

  • MD5

    a315d467fec6f3537a0b07a398a5dc40

  • SHA1

    3ff68464903417573cefe9c1ceeccfb8350b0201

  • SHA256

    d65dfe42077ca86e6ac17a8a0adf488b754c36331e9a431eae98cede8f90447d

  • SHA512

    d3e78041e972de5d1611de29296f85679e5a6bee003fc5037cc2fee45aa9089f16ec47f31a65c0b7e6613fa840453a9b34bbde194004917c9db0332d31f027df

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvuzk9UWd:ymb3NkkiQ3mdBjFIvlq2

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
