General

  • Target

    de4e78ef05f739275746bc976c413a40_NeikiAnalytics.exe

  • Size

    81KB

  • Sample

    240518-sgpyeshb8w

  • MD5

    de4e78ef05f739275746bc976c413a40

  • SHA1

    d819b98a3b0b83ef5deeccc72aba3451d2b20973

  • SHA256

    446609db2f52fb14bfd1305fb7b01cbb82094952cb1fe03102b113795b1f5e58

  • SHA512

    8a99b31ef03e4fdd7d4133174c4bd9c363c6cdc0f107560020c468e2e4d98857f7b62f1a09cfb7c54df404303e67b37907ef59b7b4936317ecb255b99c6abc17

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo7xCkTsIwtOa2dYS8nj9:ymb3NkkiQ3mdBjFo7LAIbT6j9

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified UPX open-source packer.
