General

  • Target

    dce546f57003a6bb4b3607e4d3e2aa20_NeikiAnalytics.exe

  • Size

    333KB

  • Sample

    240518-sb6nzsgh6w

  • MD5

    dce546f57003a6bb4b3607e4d3e2aa20

  • SHA1

    0a3812ac1fbb4b45d9e49268abbcd291430b7bfd

  • SHA256

    376dcc44c5d7ca6fe3d00ca19a0853c4d4e38b43b078681fd895781fa9ff58d3

  • SHA512

    fb9b2446ccadd5b6d7c4f03fe85654016f8ad6dabdee71b69d6406912c2d966d4ffaaf709f7e672910583709c7e0af0923e8a6b6e0f7d4a23a2ae812447f80fe

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1ig:x4wFHoS3eFaKHpv/VycgE8F

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.