General

  • Target

    9cf78a6f602e78b95147702705804fa0_NeikiAnalytics.exe

  • Size

    75KB

  • Sample

    240518-gky5qaee6s

  • MD5

    9cf78a6f602e78b95147702705804fa0

  • SHA1

    7736c942d60b159cab558648971dbd854e9acf11

  • SHA256

    24220494aa157b2af4751e8d5d1ebf3ed976611e5e5a5ce485ae8275ec53d568

  • SHA512

    3e60db8774a33a5541066b5740c0c738eac4cd8174322933f64aba900813b93d7ac23429e6b12721a002e1930e1447da42851623755d585bb3bc6f1421cda1b1

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAh2QpUnX1Az:ymb3NkkiQ3mdBjFIsIVbpUW

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks