General

  • Target

    c168d89ec62adb11ec80bdfa8744efe0_NeikiAnalytics.exe

  • Size

    75KB

  • Sample

    240518-phe8tsbc42

  • MD5

    c168d89ec62adb11ec80bdfa8744efe0

  • SHA1

    3470058959ec9f8566404fe3ff0084274c6972b4

  • SHA256

    0c6a0f04243d21dede9e31e9d6f8f786d1720c98f1f70a436a0064c250836c6f

  • SHA512

    0c7e5db179f5de9a771e82aa36fb8d158ccee07dc1d2c2665ad9262bb1bf08872dc678bba6513b1e152a7def97483b1d23cfd66c7d3d0d53ceac42f7861199cb

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAh2QpUnX1AM:ymb3NkkiQ3mdBjFIsIVbpU1

Targets

    • Target

      c168d89ec62adb11ec80bdfa8744efe0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
