General

  • Target

    d661288c0fb86287bc3f6b69aa259b90_NeikiAnalytics.exe

  • Size

    65KB

  • Sample

    240518-rpbv4aff87

  • MD5

    d661288c0fb86287bc3f6b69aa259b90

  • SHA1

    013ca307471f07ff562943b26a32469641ed68b2

  • SHA256

    5f89273e3f5e5912cba6ae307c06defc6fd68044721f1c882361e5e01e30ce82

  • SHA512

    1ae624fdbdbed6e753676dcdb282c23a7cd5899ad99c396af5ace9a9ffae29807c85a1e5d88f4b6d7753bc8bebdd1ca9fc07445b2282eebbdb484348f21d884a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJUDbAIF:ymb3NkkiQ3mdBjFIFdJ8b3

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
