General

  • Target

    c15ecb03d71bf10a62061bd195e88160_NeikiAnalytics.exe

  • Size

    277KB

  • Sample

    240518-pg9faabc32

  • MD5

    c15ecb03d71bf10a62061bd195e88160

  • SHA1

    83c82475d9276bc9c4ec318377f65cb2756ef531

  • SHA256

    8efdc9eac232bd5d409eacc514e1ac10566211691f53d27a534944e60f8aa6a4

  • SHA512

    c1485a6ca7ada2231e60156780775839a2074c0265b3b219fea6ea8468dad1652ac5e70c9507e285720b4beb7e92141bead03ac513d39f961b5ce21408a793c3

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7Vvemh:n3C9uYA71kSMuv

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
