General

  • Target

    a06522c9fbc48e1159a09b243bed5530_NeikiAnalytics.exe

  • Size

    87KB

  • Sample

    240518-gyblksfc44

  • MD5

    a06522c9fbc48e1159a09b243bed5530

  • SHA1

    f8494461c7e3efcbdb14ce46d6915e2096e63c56

  • SHA256

    6cdb79e0bb4ebe658c2b5052e86d6dde1bc81dca0c9c035f88719b11b97f00e1

  • SHA512

    a0b6932398b73f0394baf9386322bb911413ac6fa3f3fc1e3843a9ed94e097d83f525a6552f3a99e34dd4535e9aaee9bc60bd8b1a69a44655dd99d733295884a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0DmmdL2jqWkBh:ymb3NkkiQ3mdBjF+3TU2iBRioSumWS1H

Targets

    • Target

      a06522c9fbc48e1159a09b243bed5530_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.