General

  • Target

    e40652334059a3d297f534993d39e940_NeikiAnalytics.exe

  • Size

    63KB

  • Sample

    240518-s2q18aaf56

  • MD5

    e40652334059a3d297f534993d39e940

  • SHA1

    49630f8351ea6af6bc62208092c84e0371aa6191

  • SHA256

    39107d654afb7a29e02c3c5ec4cf8c2116f660119021a487c04f34f622e1c2ce

  • SHA512

    dcdc8b8dace4e69292a9f76f3f97e935b0e2b99ba2d9676283ee5a4b57360e91361ac99d69f3bfa7004f5188faf5fd3791a7c1d2f08824903fda92d557a53b05

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12g:ymb3NkkiQ3mdBjFIFdJmd

Malware Config

Targets

    • Target

      e40652334059a3d297f534993d39e940_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks