General

  • Target

    de5cac4bab409e0ddbd1bc98b5095800_NeikiAnalytics.exe

  • Size

    95KB

  • Sample

    240518-sg1pxshc98

  • MD5

    de5cac4bab409e0ddbd1bc98b5095800

  • SHA1

    d9cb79506312f88f3a52ec471175fa817f61d407

  • SHA256

    3567e43d5c76fc2cb9b0c900a1d6c17cc0d2113fd48e60419749636386399b8b

  • SHA512

    defe7004c87635db23675a1006c135aaed4bab2b3d9823a6ed90757215c5b49c7f109e45db9dd850d9f9a9637dae9db202d71fba1bfcb89d63d7064618f8ca01

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAi:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrR

Malware Config

Targets

    • Target

      de5cac4bab409e0ddbd1bc98b5095800_NeikiAnalytics.exe

    • Size

      95KB

    • MD5

      de5cac4bab409e0ddbd1bc98b5095800

    • SHA1

      d9cb79506312f88f3a52ec471175fa817f61d407

    • SHA256

      3567e43d5c76fc2cb9b0c900a1d6c17cc0d2113fd48e60419749636386399b8b

    • SHA512

      defe7004c87635db23675a1006c135aaed4bab2b3d9823a6ed90757215c5b49c7f109e45db9dd850d9f9a9637dae9db202d71fba1bfcb89d63d7064618f8ca01

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAi:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrR

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks