General

  • Target

    9af2a33d813620f3c5981251200b2900_NeikiAnalytics.exe

  • Size

    334KB

  • Sample

    240518-gef2yseb8t

  • MD5

    9af2a33d813620f3c5981251200b2900

  • SHA1

    336d592643c8a644b59ff0ba25e0e8bb7ac9671e

  • SHA256

    09f6b13dbbe7d01022006dd8a8746da7b3fa61822b5be81f88d07543065cb9bd

  • SHA512

    ce9a956bd2bfbe8a69256110d992754a6cdb2bc5d76fcbd04fb59674519f6acf3c30522cb7dc3671b0c3a508e7f95ac3c3f932deecbcfe1e2f40fb0330fb0670

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/S:x4wFHoS3eFaKHpv/VycgE8oS

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
