General

  • Target

    9e02fd8e45c12d8387d6b89cc0b2c590_NeikiAnalytics.exe

  • Size

    460KB

  • Sample

    240518-gm37fsef85

  • MD5

    9e02fd8e45c12d8387d6b89cc0b2c590

  • SHA1

    d5c3797813f69bdb7c7fe84b5c12846b0985c5d3

  • SHA256

    36b25b90900003665878bd9f8b6c4ad7d7a1576ac47b67bbffac0134bd11e861

  • SHA512

    ea9e8c146d89f289d35ec10c52c0d329fd651db6aca0e927badf2b73b778edfdd3cad539612e56bce27bc97c528138e96618e256655db6e1708ec7ccb6d8d406

  • SSDEEP

    6144:n3C9BRo7tvnJ9Fywhk/TJTaYvMmr3C9BRo7tvnJ9Fywhk/Tkh:n3C9ytvn8whkbJTaFmr3C9ytvn8whkbU

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
