General

  • Target

    b17f5efdffb7cec96a5ecc30522eb9e0_NeikiAnalytics.exe

  • Size

    75KB

  • Sample

    240518-jw468aag8y

  • MD5

    b17f5efdffb7cec96a5ecc30522eb9e0

  • SHA1

    70cc82ab6fcf4f58b8571d7895582a3a39235961

  • SHA256

    673a0588285f7297eee1d93a426bed44a8a48b1a4a8d24f525eb89b2c83788ab

  • SHA512

    741b96b26733f1dc96b7e473c0a40af7f62c099c798e1aa674e5062d3b79f9420631ddd82edbc7220cfb3e6181019f47c601ac8d344f515b1479da491bf3cf6f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIpWCz+FR4RzWqC5c:ymb3NkkiQ3mdBjFIsIpZ+R4RzWqCC

Malware Config

Targets

    • Target

      b17f5efdffb7cec96a5ecc30522eb9e0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
