General

  • Target

    c4a26e2382b4c49da532bd4b91cd1340_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240518-pt3s9sbh35

  • MD5

    c4a26e2382b4c49da532bd4b91cd1340

  • SHA1

    a14f8c8f95bbf657e3769b54d15d0ee565efae65

  • SHA256

    798b897718089a4170d32c4fa40ee1795b791fe34d2e4302b03e0bbd13ce8463

  • SHA512

    21fb6fad995d63ced02be0ec025e136050282570cab8ff8d72f0cc20aab7e6a67c0491ba8e7f6365cd435e2f50e956dd815af978e812ff2343d9aca2521a5c93

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFosxXGPXbXQMFHLgDWSmjlkFP:n3C9BRosxW8MFHLMWvlc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
