General

  • Target

    be3e4e7926bd4af65793311e29ef0790_NeikiAnalytics.exe

  • Size

    587KB

  • Sample

    240518-n7gyaaae97

  • MD5

    be3e4e7926bd4af65793311e29ef0790

  • SHA1

    4ce54f09e8494ba8b55066125b414cb0bb4d2fb7

  • SHA256

    ebdc391ea9c595af429e7e812de49493f60df9caf1c27768118c0babc8844691

  • SHA512

    8f7f10b6dad8545d6f7e1be7895e9f030cf21fa4627a43bbf1f4e29f387e16086b0e15ca58e873fc59830fc9d7960a6df22c65946c362287308a3477ff061c42

  • SSDEEP

    6144:n3C9BRIj+ebjcSbcY+CaQdaFOY4iGFYtRdzzoyYxJAyfgayQ:n3C9Lebz+xt4vFeFmgayQ

Malware Config

Targets

    • Target

      be3e4e7926bd4af65793311e29ef0790_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
