General

  • Target

    d5fa1f86221c403ca0cb1d1ffdc75a80_NeikiAnalytics.exe

  • Size

    344KB

  • Sample

    240518-rm516aff27

  • MD5

    d5fa1f86221c403ca0cb1d1ffdc75a80

  • SHA1

    f5e86f436b6530d69c12d6e9a6388bbe1a3db3b4

  • SHA256

    be49af61021cb0f6767aa33f595f8d2efe56d79c2c301ed35c6a8807c67fdb5e

  • SHA512

    053df8d0a1c64049de9c4053e0bababad93feba3edcefb90d62cece5065e861956f13fa7712941042fcfbde37eb45f85285558bb156d2146a3a5d768836f4d5b

  • SSDEEP

    6144:n3C9BRo/AIX2MUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFhXjmnwJQyIF:n3C9uDnUXoSWlnwJv90aKToFqwfIB7

Targets

    • Target

      d5fa1f86221c403ca0cb1d1ffdc75a80_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
