General

  • Target

    c61e2b8367e52c680c35786c5aa9def0_NeikiAnalytics.exe

  • Size

    67KB

  • Sample

    240518-pzh12sca9s

  • MD5

    c61e2b8367e52c680c35786c5aa9def0

  • SHA1

    b65f8a274ea8f452b22e7292bd64bcac56204f05

  • SHA256

    ef2cce12be898ba342087e5197116b1b35deebe59e1bc7ed15b70c78e3a44e3d

  • SHA512

    923b3291c7222156ede0c4609d5505796e57fe4463dfdfc2ce17fffb08aaed8e7b3638f0e59eaffe7aff2b6ec85b5802df6e184357ff0fba86be11fb66f85073

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbF:ymb3NkkiQ3mdBjFIfvTfCD+HM

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
