General

  • Target

    d74e143d80daf206fd60dea3ee5c69b0_NeikiAnalytics.exe

  • Size

    414KB

  • Sample

    240518-rsqhnafh58

  • MD5

    d74e143d80daf206fd60dea3ee5c69b0

  • SHA1

    567ea1baf27537682f31aa01f047eb4251037ff6

  • SHA256

    1879ca84da83ac476a53fa0d83b0efdd86b7d14c5401c17cf50379a4b6827c25

  • SHA512

    333097dd37be912dc86bc4f6149ef5f076548d7936ab329c6e4197e09792653e2635d6e93e4d341062ba3cb2cc9faab1c664049dbe4d6928f11efb420b6c0ebd

  • SSDEEP

    12288:n3C9ytvngQj4DtvnV9wLn9UTfC8eieJNBNIsYPy:SgdnJUdnV9S

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
