General

  • Target

    9f9f75569cf59abd5de3175a12352680_NeikiAnalytics.exe

  • Size

    80KB

  • Sample

    240518-gtmhaafa49

  • MD5

    9f9f75569cf59abd5de3175a12352680

  • SHA1

    5a9a8defa6f7f08b4836a1b79db17a9c98cb9af5

  • SHA256

    6d7e0ac80f64c846d209d1e6594f6c3c2dd901f96f9a99fda5fd03cb20756596

  • SHA512

    68704fdc1452e0f44c44c2e931d3adeb209a018fe9ff167f8ad62ce6df372901476a3f61c70ae631d41fcc27ca0b0c532f49b7bc94e6ff61190387cebfe4f6bf

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TVqMJ89w:zhOmTsF93UYfwC6GIoutiTU2HVS6cMJN

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
