General

  • Target

    bc5d07ebc2923a8382d95d5b09aac960_NeikiAnalytics.exe

  • Size

    226KB

  • Sample

    240518-n1e54sab83

  • MD5

    bc5d07ebc2923a8382d95d5b09aac960

  • SHA1

    d12db22867b8d1cbfc8ff067c9c9be333e9837e7

  • SHA256

    c69e35adf0c514ba73d11ae730d823a895417b3636846d9e2831b7b1a9ff29a5

  • SHA512

    535036e8dca132028e1a045c5fda19e20f8fac8b5eaf096a7cd19355e69dbadcec28bc576ec8cb55c8affcb34daf249e161d8f4fb9d1a35f33fd826df06c6567

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31z8mFc:n3C9BRo7MlrWKo+lfFc

Malware Config

Targets

    • Target

      bc5d07ebc2923a8382d95d5b09aac960_NeikiAnalytics.exe

    • Size

      226KB

    • MD5

      bc5d07ebc2923a8382d95d5b09aac960

    • SHA1

      d12db22867b8d1cbfc8ff067c9c9be333e9837e7

    • SHA256

      c69e35adf0c514ba73d11ae730d823a895417b3636846d9e2831b7b1a9ff29a5

    • SHA512

      535036e8dca132028e1a045c5fda19e20f8fac8b5eaf096a7cd19355e69dbadcec28bc576ec8cb55c8affcb34daf249e161d8f4fb9d1a35f33fd826df06c6567

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31z8mFc:n3C9BRo7MlrWKo+lfFc

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks