General

  • Target

    be9c2ad9834931e35c0b648535b5fc50_NeikiAnalytics.exe

  • Size

    379KB

  • Sample

    240518-n8sfeaaf5y

  • MD5

    be9c2ad9834931e35c0b648535b5fc50

  • SHA1

    6e20de433b4ddecc3dadd8c2c65f3291312ad78d

  • SHA256

    68a7e8362879b157719f6f576fb698dfbdc28ef1319013112358f62fbd33e1ec

  • SHA512

    d781030e4fe059bb655f97cbb8e5daeb6c32a681782e99890bff011a15bb22dff9c2bcd1822434c12bb7f61398b7470fd4df6bb4afa8148178fc5dcb83594a8b

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVo+:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoG

Malware Config

Targets

    • Target

      be9c2ad9834931e35c0b648535b5fc50_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks