General

  • Target

    c3495286de0ef10b25eee17dc8859000_NeikiAnalytics.exe

  • Size

    89KB

  • Sample

    240518-pphyasbf37

  • MD5

    c3495286de0ef10b25eee17dc8859000

  • SHA1

    f9bffd7ad269ad3e634bb455782681fbb16c3c5b

  • SHA256

    04e5da4181c6624d59a6f566e0a5371f94c2203db1fdfdccb3ba8f34a124afa6

  • SHA512

    c098aa9876a77b6b18953dc5237b349eec5625d39120ee824043d44065361f931c4927cc02301422c8222d9194ad3cbfce194ca43860e2249bf48efdedef4d44

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWpU:8hOmTsF93UYfwC6GIout0fmCiiiXA6m+

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
