General

  • Target

    c413c0a486d632d2c8756b2edc657000_NeikiAnalytics.exe

  • Size

    199KB

  • Sample

    240518-psdgzsbg52

  • MD5

    c413c0a486d632d2c8756b2edc657000

  • SHA1

    c2f1ee0f3fbc3ff6029e9eb46b3148c17866817d

  • SHA256

    efe7e038e7110516a69bbe36805500257c9d47f69fbfef8716e2448c2ed008fe

  • SHA512

    4519eeb336753595b21d549128d0fd820f8e23c3f8375cb7fc80883758ac7d6db82ab1edad77bbde57be8ae381162130cbf40b9c434ed676276fb0108fdf3c0e

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmc51+GqekBJCvr6zJBUt6iP:n3C9BRIG0asYFm71m8+GdkB9O

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
