General

  • Target

    d5853b1cc049e2432815ba3e6170bcf0_NeikiAnalytics.exe

  • Size

    392KB

  • Sample

    240518-rlpyjsfd2z

  • MD5

    d5853b1cc049e2432815ba3e6170bcf0

  • SHA1

    e0a8946e4b89f0f475c4251c76f681687b5f36a0

  • SHA256

    aceb6a7694f7a9da3dbd37ae7792fd3fd7e404fc797369b3f5436a289e0dc0b0

  • SHA512

    3ce1e9fdecc9c55570107a427578f8f5292d753e5e3f2c7b517b0479663caaa9f2932b0c5dfda4dcc957d62964157a4c03a13ba557d50a8b2b436632b235959e

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkIfzBgZJmAh0:n3C9ytvngQj1fz6ZJmAm

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
