General

  • Target

    df269f2a9dc0d6f49127ff986c207a60_NeikiAnalytics.exe

  • Size

    202KB

  • Sample

    240518-sk86gahd7x

  • MD5

    df269f2a9dc0d6f49127ff986c207a60

  • SHA1

    0fb24541c76fa843b98e274e8c7eb0370a33fd00

  • SHA256

    b7329d5bf12354c47eaa5d6dcdfc32e036354c85be3993465966612d98fef0f6

  • SHA512

    bd9698375c54d6b05f9bc54ae8e85f5ebcc5313313d2e5e94f2e1ea9d9896d2d7e8a44e1917a0d0c44d0f12ebdad26ab96a93de0f0469e42d6d3e1bfed3ca26e

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6T7y:PhOm2sI93UufdC67ciJTU2HVS63y

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
