General

  • Target

    9ea6a163c18f982fb7be92e1f1ff1a40_NeikiAnalytics.exe

  • Size

    254KB

  • Sample

    240518-gqey2aeg88

  • MD5

    9ea6a163c18f982fb7be92e1f1ff1a40

  • SHA1

    46fb2b9a7d7d86b774e09f213ec839ecf25416be

  • SHA256

    2c95efc73516af405e5388b79bfcdd13c89d577a2547fccf2df13e5071af8e1e

  • SHA512

    5b5deeb5194a24b6b307abdbbacedc4996e477ad3089336e57942555068f62cb5cd6bb31da861cf80b65a210fdced7dfef823a681bec1d66f39fb0455511c759

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpolTjZXvEQo9dfrz:y4wFHoS3eFaKHpKT9XvEhdfrz

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
