General

  • Target

    9f2785a5f1d54ce2076b7abe60ecce80_NeikiAnalytics.exe

  • Size

    401KB

  • Sample

    240518-gsbpdseh5v

  • MD5

    9f2785a5f1d54ce2076b7abe60ecce80

  • SHA1

    fd4de23163219988da79a2f83454358d7644530c

  • SHA256

    fa6fef39e618a09d4ba2a432a1cad6be094780948356b9b141060c383bc8b568

  • SHA512

    f1f870b8bd820562c5ce8c07a603b6d87d785a1c32c6d2e99d06fc22ef4d545c20aeac13b640ebf6ef8dc05ad913161724dc5fd9fbef54d1c72634ee0cf315c8

  • SSDEEP

    6144:kcm4FmowdHoSph3Ymu8wdHoSM05d34iWRbzami32:y4wFHoS3zuxHoSTd34iWRhiG

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
