General

  • Target

    e21d9962e94ad5d160d8be0d18c690f0_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240518-swfnasab3s

  • MD5

    e21d9962e94ad5d160d8be0d18c690f0

  • SHA1

    8cf8ef36723503e55a3b99615abf568a736271e0

  • SHA256

    c9308bbc7c7f949f2153801b0c1012dc23efea09a8bd2f1fe357b8d15a56714f

  • SHA512

    b8b2066957f06f5e5f6391c25b20f88a0c468167f8c9fd5248635fa7abc462898eb600fd3e309686d8b7dfece3c5854f3e7fd8ab892ae73a0b20813f027397fb

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWpWj:8hOmTsF93UYfwC6GIout0fmCiiiXA6mM

Targets

    • Target

      e21d9962e94ad5d160d8be0d18c690f0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
