General

  • Target

    bc474443cdba1baa0c31e06a880f1340_NeikiAnalytics.exe

  • Size

    62KB

  • Sample

    240518-nz5dlsab73

  • MD5

    bc474443cdba1baa0c31e06a880f1340

  • SHA1

    d034e50222894739fd1c3f572f062b3342b6df82

  • SHA256

    87ef060c404ed54a4618b5e7186cb6f9982160d5de8f1ef274804ff2248caa63

  • SHA512

    cfbb2f0c0068a2d95ffd4b45f202880a5edfb823482587e59f9d7ed8729f7b5db18c4f8b0effd7c7db2a64dbe7e672d66aa6547d894d93ceafe9f8264ee3f459

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDISoFGDLO:ymb3NkkiQ3mdBjFIk3O

Targets

    • Target

      bc474443cdba1baa0c31e06a880f1340_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
