General

  • Target

    da3089c35388100d26e577aa509c44e0_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240518-r3qleage36

  • MD5

    da3089c35388100d26e577aa509c44e0

  • SHA1

    d328bbd4a77895a0a1559467653f55a4dac03976

  • SHA256

    a7ad6a1b876aa1a66eb6265a61877770e743aeb0055ea66f8d62d2dcff788838

  • SHA512

    afd8084643380b029e72083930a631cfa88b77e91f3c9ee334eb2ecaea6b259e32d4f0eb26efc61e0d069a79fd64e7cf3e3884402e7a7b867b9b8322c044d90f

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWpZ:8hOmTsF93UYfwC6GIout0fmCiiiXA6mP

Malware Config

Targets

    • Target

      da3089c35388100d26e577aa509c44e0_NeikiAnalytics.exe

    • Size

      92KB

    • MD5

      da3089c35388100d26e577aa509c44e0

    • SHA1

      d328bbd4a77895a0a1559467653f55a4dac03976

    • SHA256

      a7ad6a1b876aa1a66eb6265a61877770e743aeb0055ea66f8d62d2dcff788838

    • SHA512

      afd8084643380b029e72083930a631cfa88b77e91f3c9ee334eb2ecaea6b259e32d4f0eb26efc61e0d069a79fd64e7cf3e3884402e7a7b867b9b8322c044d90f

    • SSDEEP

      1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWpZ:8hOmTsF93UYfwC6GIout0fmCiiiXA6mP

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks