General

  • Target

    d6d13f26b3f0cafb577737ce3c052850_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-rq1kvafg66

  • MD5

    d6d13f26b3f0cafb577737ce3c052850

  • SHA1

    1f47a176343297c78d10c863f9fd6d73048cc593

  • SHA256

    777e976d670e4e428ca4ef77a3b412660580418cfc32c397dcbaa52be96354f4

  • SHA512

    e7e16661364e59194107a7b3a5eac53493fa6d566c9ad7f1b0c8bd5ea6acdaad1ea976c140cb42ca0023dd1ba5b1e6f7a1d78fd6da67e36efe0bd772fda2fdf2

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px7w:n3C9uYA71kSMu08px7w

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
