General

  • Target

    b15b2e40bd5cd3b97098f4cf94e40210_NeikiAnalytics.exe

  • Size

    392KB

  • Sample

    240518-jwfhvsag6z

  • MD5

    b15b2e40bd5cd3b97098f4cf94e40210

  • SHA1

    6ae0e427fc719e95aab13fdd3ab1b48c5801a112

  • SHA256

    0c9c7f159d597fe6a8d9d832358a57de25bad7857add204ddbc0cc903bde5482

  • SHA512

    6eaa8eac643005ca8eeb748750c003fc19d33169abddf7b87b74b97d4996a4944224c4e5807f75d47742eebfdd9498b7ac7256f74d7574146622fb7a853e7bdf

  • SSDEEP

    6144:n3C9BRIG0asYFm71mPfkVB8dKwaO5CVwOP:n3C9uYA7okVqdKwaO5CVJ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
