General

  • Target

    9bb4ca7aa01f108a16876df183a5ea10_NeikiAnalytics.exe

  • Size

    55KB

  • Sample

    240518-ggp3msec9t

  • MD5

    9bb4ca7aa01f108a16876df183a5ea10

  • SHA1

    1a802bdeccbe3da3d882b39b215a92ab537e9904

  • SHA256

    c38746dc1ae1986c28e9e911f205f2a1683b5ed2e4d491d784059e8dbc1e549b

  • SHA512

    a5d1437cac34b316c52e7a5d216571874e19ec4f61c807aeda6fe3e7ac19a9591ab7b07c114b7c0ed8810a218f51d5490269766b252d2e33ac8c413bdbcfb499

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFp:ymb3NkkiQ3mdBjFIFp

Malware Config

Targets

    • Target

      9bb4ca7aa01f108a16876df183a5ea10_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
