General

  • Target

    99a13aea734c4e452df8405187c9aa90_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240518-gal3eaea62

  • MD5

    99a13aea734c4e452df8405187c9aa90

  • SHA1

    8a26b48d62812e63feaaeebb3651502de12e50c5

  • SHA256

    86d3aaee3646d79e5b0396789c706e60e7b7dcf2a84274a8ea519c9f00032f19

  • SHA512

    c2a0554d88ebaf6cf2dd1effbf9e0de845b42c163ddcb4c44450ab8ae77faec79c12de2e5a65de97c1102eb0043e23a82b5168768acc58d4117d8b19f069aef8

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWp1:8hOmTsF93UYfwC6GIout0fmCiiiXA6mT

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
