General

  • Target

    9da1041414bc8c1e1e6094e3c307c5f0_NeikiAnalytics.exe

  • Size

    389KB

  • Sample

    240518-gma6nsef58

  • MD5

    9da1041414bc8c1e1e6094e3c307c5f0

  • SHA1

    8334978d6e36a879f6c75a45f82290670c68fc96

  • SHA256

    0645b2ce242cceac38b96cd7a1eecbebb34c13b4e836008bfe0813c7ef27957d

  • SHA512

    47bfdfd26c5185b987d25f43f54a74aeee9dfac47a7a3215f7f97e9e5eb1aac343804d0d58b50f7d5a024fe7618263ebdf609c7eec8a6f6b1ed6b813fa48657c

  • SSDEEP

    12288:n3C9ytvngQjpUXoSWlnwJv90aKToFqwfu:SgdnJVU4TlnwJ6GoB

Targets

    • Target

      9da1041414bc8c1e1e6094e3c307c5f0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
