General

  • Target

    df54454369cce5269387fee3507ffc50_NeikiAnalytics.exe

  • Size

    224KB

  • Sample

    240518-sltr6shd9z

  • MD5

    df54454369cce5269387fee3507ffc50

  • SHA1

    2b63be7dda0deb5d4f18dd2cdcacd2f0acc801b3

  • SHA256

    270ba7f003a66966be1b934106fe7df82b065136ce04ce0b8d7f71ac2b896118

  • SHA512

    8850c80d4a58df5390c1556b5603063db801e4ffc5914bc21f8e1ce4038dec35ca57604839af85738bf647d4b67d566d98f6ad7f988424b86c871e4d6e5f97c3

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL7h:n3C9BRo7MlrWKo+lxKt

Malware Config

Targets

    • Target

      df54454369cce5269387fee3507ffc50_NeikiAnalytics.exe

    • Size

      224KB

    • MD5

      df54454369cce5269387fee3507ffc50

    • SHA1

      2b63be7dda0deb5d4f18dd2cdcacd2f0acc801b3

    • SHA256

      270ba7f003a66966be1b934106fe7df82b065136ce04ce0b8d7f71ac2b896118

    • SHA512

      8850c80d4a58df5390c1556b5603063db801e4ffc5914bc21f8e1ce4038dec35ca57604839af85738bf647d4b67d566d98f6ad7f988424b86c871e4d6e5f97c3

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL7h:n3C9BRo7MlrWKo+lxKt

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks