General

  • Target

    e33d82ffaa3642f8f095e23f67207540_NeikiAnalytics.exe

  • Size

    371KB

  • Sample

    240518-szlcysae38

  • MD5

    e33d82ffaa3642f8f095e23f67207540

  • SHA1

    de5fdbae386bf092cd06584cc197a5bf8d44dce2

  • SHA256

    2f59f6cf186ce7ea2546064be76ef4a80d605ecbf62bf006de901d32c5991c9f

  • SHA512

    6542e0adb56b342655ebb5dcfac4597d410d963a877db6bbb7267bdb2d79678ee886f0eab5d40a8f0bcbf2ca399175ed8797213d7717cc1abdd93ba5cdc914e2

  • SSDEEP

    6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMX:n3C9uYA7i3/stR9HGYyvtTxTKMU

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.