General

  • Target

    be0ea1788e58004bc9b006d41c37f950_NeikiAnalytics.exe

  • Size

    56KB

  • Sample

    240518-n61n1aae73

  • MD5

    be0ea1788e58004bc9b006d41c37f950

  • SHA1

    9ca055fc384f2253d025c7fd338242e11a97c385

  • SHA256

    8ed616296fcd228e53a370ab6cf0e91f326fdecb00589ca431bb4557a371c870

  • SHA512

    0e5c8c19aabcdb12066af06397194fdb2f710a6b81c2ec42982864f4de28f9824967f00a53db5909676a0464526f7ea875ea1c60c53c7f088436643e893e9f5f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVnu:ymb3NkkiQ3mdBjF0cru

Malware Config

Targets

    • Target

      be0ea1788e58004bc9b006d41c37f950_NeikiAnalytics.exe

    • Size

      56KB

    • MD5

      be0ea1788e58004bc9b006d41c37f950

    • SHA1

      9ca055fc384f2253d025c7fd338242e11a97c385

    • SHA256

      8ed616296fcd228e53a370ab6cf0e91f326fdecb00589ca431bb4557a371c870

    • SHA512

      0e5c8c19aabcdb12066af06397194fdb2f710a6b81c2ec42982864f4de28f9824967f00a53db5909676a0464526f7ea875ea1c60c53c7f088436643e893e9f5f

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVnu:ymb3NkkiQ3mdBjF0cru

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks