General

  • Target

    e1784f71ef32ec62aab836ff397ca7c0_NeikiAnalytics.exe

  • Size

    362KB

  • Sample

    240518-stnk5aab25

  • MD5

    e1784f71ef32ec62aab836ff397ca7c0

  • SHA1

    5c631050025922f85efcd88b3be31115295860ba

  • SHA256

    9f04a51a82858c2887f94345b6121104ec7077591d15469e02080bb7932e5614

  • SHA512

    985c2b4994a0476a77d0cdf0767eb265df4bd617d9c0bfd360a6e34d6c28b3c0ecc40a1ee1f25221dbf1bb09c99d8029cc45b3f51b0827c31f42175db57ee2e3

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBu6:n3C9ytvngQj429nnzeZhBR

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
