General

  • Target

    d6fff43babd2c32651a7f830b86c31b0_NeikiAnalytics.exe

  • Size

    140KB

  • Sample

    240518-rrp6haff8v

  • MD5

    d6fff43babd2c32651a7f830b86c31b0

  • SHA1

    dfc356ed155f6851d181cc1291749d78e6698c36

  • SHA256

    5b8c7f08f6ffc29b1b4b333cb000796fe9470e86380208787862dc9295900fbf

  • SHA512

    c98a546cdc13dd3d994860da1fbfcb91a6db31f992959997613a8a4c3c9102f179e699f3922a5a2364ed72e4ea3411b231f47bb2f99f98d4835dbf05a8f8c0b7

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmm8mzuFli55p15r:n3C9BRIG0asYFm71mm8flix

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
