General

  • Target

    bf82a410fe9950a3e102230eae5e9050_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-pb2hgsah2y

  • MD5

    bf82a410fe9950a3e102230eae5e9050

  • SHA1

    911e464e74db31644362d04ca07477a951dab13b

  • SHA256

    d1ce8dd5501c34c61d51945a19acae1ff6897ec1926dfbc6bb04a93bf2dce17e

  • SHA512

    73c612cdc67dcc999b5d459329054aaec5cc28d441ff0854bde874c8dbe47f6f9de2ed31232f40a5e5f1fd2df8555247932632b35ae5e83dc7c5e282aaf58197

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBuE:n3C9ytvngQj429nnzeZhBr

Targets

    • Target

      bf82a410fe9950a3e102230eae5e9050_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
