General

  • Target

    d953b5b8a0293d9dc887a325f0596700_NeikiAnalytics.exe

  • Size

    345KB

  • Sample

    240518-r1dttsgc21

  • MD5

    d953b5b8a0293d9dc887a325f0596700

  • SHA1

    26e3cbce7767b02d14cca886736e5b33804d0baf

  • SHA256

    f14bed36192c31f5740b1f5903aac48cfb79754a1e726c564dd8c559d339ce19

  • SHA512

    00f163ec29ba94f6284622a4172539fb521af8a1beb862f2db767e84eb981744a4605108d258aa7c70b0eaeba82d05dc18d05e7702a2a8046b7e4b3413e75f1c

  • SSDEEP

    6144:n3C9BRo/AIX2MUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFhXjmnwJQyIK:n3C9uDnUXoSWlnwJv90aKToFqwfIBk

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
