General

  • Target

    d7f7ac5dfd0c169eee25f947f4960420_NeikiAnalytics.exe

  • Size

    334KB

  • Sample

    240518-rwk3cafh8z

  • MD5

    d7f7ac5dfd0c169eee25f947f4960420

  • SHA1

    35530b315b5af1203730e40f2867eead9fd38038

  • SHA256

    af0eee9f6d7627e22a5745f26d7cddfa61c30d9e34f901aa18cb7cb3b4c3a04f

  • SHA512

    f1c562bf5980bd9010a227b75ecd273b12abfcd363369b442ff278c2b9bcf371308391ae40cbea3b794efd0a2093263e2363d9129aa85e71945db913832d29e1

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/2:x4wFHoS3eFaKHpv/VycgE8o2

Targets

    • Target

      d7f7ac5dfd0c169eee25f947f4960420_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
