General

  • Target

    56ab03197e3f44481e1e54f9a05769ef_NeikiAnalytics.exe

  • Size

    455KB

  • Sample

    240518-ng3gasha8w

  • MD5

    56ab03197e3f44481e1e54f9a05769ef

  • SHA1

    5bd06bad8223e2883a3660d3ad2d2afaee52662d

  • SHA256

    4b40678723a68cfab0eccd546198e4f788c9cf7f18a0ae0c2f1f0564e815725a

  • SHA512

    8554c82f8e8843737f5595fe0b2a6dabe6d8037e5d3a50870fbf8a87408ddc374af024fa802c733d70191ae955877d5a95792de58b34a1247bb5fdbd305f9afb

  • SSDEEP

    12288:y4wFHoS3eFp3IDvSbh5nPYERAAUDCa4NYma:HFp3lz1XUDCaGYma

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
