General

  • Target

    d63bb7392dbf8a9ebd151183161e84a0_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-rnzkrsff63

  • MD5

    d63bb7392dbf8a9ebd151183161e84a0

  • SHA1

    0611f296eac935ac1dbc0526599eb1d77a1d9188

  • SHA256

    cea7a8c2e88333688f4c798be3a931d7d663a5841e68c8f90c4810a5bffbcef1

  • SHA512

    7503405352a72809bda1114d2dedc8c81db654f0ec978ae959aa8e33acebac70a76dc558015fe498869f5fa15700dedbd5328376b6ce6f116af3822093684f5a

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px7s:n3C9uYA71kSMu08px7s

Targets

    • Target

      d63bb7392dbf8a9ebd151183161e84a0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
