General

  • Target

    d882484b2a57ca20cace16ed2c035540_NeikiAnalytics.exe

  • Size

    205KB

  • Sample

    240518-ryggyagb3s

  • MD5

    d882484b2a57ca20cace16ed2c035540

  • SHA1

    e0174581d57adcd7c336fe5b1746a35e40e4a565

  • SHA256

    39041bbddce2609635362227f0ae27b312e6c1db7899d125ed83fcf112f0273c

  • SHA512

    ad48fe8627340015e19fbd540cb63b52bf813f207eccd26ab7ffaeb1c026f055c600b1f4efd11e1d98fe3de82d76af192a80d6158af6dbfe6fccf9c3b7a1756b

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6TQpCihb:PhOm2sI93UufdC67ciJTU2HVS64hb

Malware Config

Targets

    • Target

      d882484b2a57ca20cace16ed2c035540_NeikiAnalytics.exe

    • Size

      205KB

    • MD5

      d882484b2a57ca20cace16ed2c035540

    • SHA1

      e0174581d57adcd7c336fe5b1746a35e40e4a565

    • SHA256

      39041bbddce2609635362227f0ae27b312e6c1db7899d125ed83fcf112f0273c

    • SHA512

      ad48fe8627340015e19fbd540cb63b52bf813f207eccd26ab7ffaeb1c026f055c600b1f4efd11e1d98fe3de82d76af192a80d6158af6dbfe6fccf9c3b7a1756b

    • SSDEEP

      1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6TQpCihb:PhOm2sI93UufdC67ciJTU2HVS64hb

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks