General

  • Target

    9af5e4550ee64e8447ecc099992b6e70_NeikiAnalytics.exe

  • Size

    80KB

  • Sample

    240518-gelx7sec45

  • MD5

    9af5e4550ee64e8447ecc099992b6e70

  • SHA1

    c831173f9d10f50e2ce3cf8216b1b6177083f431

  • SHA256

    450f02f4fdb73f585e950039a31579259e64417a869ed11cf9a632040b64c96b

  • SHA512

    f23ed6d282e2b649adafb81b6515c8cf3a1be0fb7096e7b366cf0e801bf547cb64c82cfad91c2deafe744710e9decb4daf22ba5ee9fe09cac643a6739e7da4c9

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TVqMJ89g:zhOmTsF93UYfwC6GIoutiTU2HVS6cMJN

Malware Config

Targets

    • Target

      9af5e4550ee64e8447ecc099992b6e70_NeikiAnalytics.exe

    • Size

      80KB

    • MD5

      9af5e4550ee64e8447ecc099992b6e70

    • SHA1

      c831173f9d10f50e2ce3cf8216b1b6177083f431

    • SHA256

      450f02f4fdb73f585e950039a31579259e64417a869ed11cf9a632040b64c96b

    • SHA512

      f23ed6d282e2b649adafb81b6515c8cf3a1be0fb7096e7b366cf0e801bf547cb64c82cfad91c2deafe744710e9decb4daf22ba5ee9fe09cac643a6739e7da4c9

    • SSDEEP

      1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TVqMJ89g:zhOmTsF93UYfwC6GIoutiTU2HVS6cMJN

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks