General

  • Target

    a0ee156c4fcf96a54fbd2daba4e76da0_NeikiAnalytics.exe

  • Size

    277KB

  • Sample

    240518-gzv2lsfc4t

  • MD5

    a0ee156c4fcf96a54fbd2daba4e76da0

  • SHA1

    999ff00c9f3a42f7d60f8946c67be9f2ad65c494

  • SHA256

    f37cbbc77eecbb6b1eabdc0ca76d4ca098c4b24527db81834d0349b997aa580e

  • SHA512

    a5421622b15051d03f86f8bfc5a2ec72d5cf5b5c84c3e80160fdcc67347311763e6dd00dde8c77cf471dafcca9808b856489f65355b99fcef6388edddd654c27

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7VvemQ:n3C9uYA71kSMum

Targets

    • Target

      a0ee156c4fcf96a54fbd2daba4e76da0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
