General

  • Target

    dbb6085a7a2f708ac997bd58758f1b30_NeikiAnalytics.exe

  • Size

    392KB

  • Sample

    240518-r8y5qsgg95

  • MD5

    dbb6085a7a2f708ac997bd58758f1b30

  • SHA1

    1d750d076150134239bb9663830ced7e82004c20

  • SHA256

    d83cd019ea102c0c78f48ddef48b8fa79cd8a42796610ec00a0d322e4d640be6

  • SHA512

    b6ccaf1f004e40f15afa1c51e908a49cd64ad8468ab929234fa6821e9a6cc890da443fb862bf8d87b3cb571f174edf4e5f74cd6e80fc9d868ef57cc85a3a0262

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkIfzBgZJmAhs:n3C9ytvngQj1fz6ZJmA6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
