General

  • Target

    9bd26846dacc9e572ef2a13dbd2ab430_NeikiAnalytics.exe

  • Size

    71KB

  • Sample

    240518-gg2fnsed2t

  • MD5

    9bd26846dacc9e572ef2a13dbd2ab430

  • SHA1

    9e6a2db79ed5e40a91c1731f2e19c0f69d0cc1f7

  • SHA256

    8c2edfa0b63aaad12b7215740dfcd1fab8a68fa32f7c1fb178a765dcd70584f4

  • SHA512

    88f0ca70740c581de7012b9ace5f3cd973f6315669efd3d2ecdb2b28c498445836eb8a9a4114080c30bc0b14e9774e241d35aa0245396f3156c6f60c3afc59f9

  • SSDEEP

    1536:NvQBeOGtrYS3srx93UBWfwC6Ggnouy8KlAXmAXIBG/+WIFuTKLXvCB5yAXNlIQk8:NhOmTsF93UYfwC6GIoutOP/WWGKL/SYG

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
