General

  • Target

    3350ce512a5aceeda5f55f89b6e1ec50_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240518-xr8whabb74

  • MD5

    3350ce512a5aceeda5f55f89b6e1ec50

  • SHA1

    13260bc21ae71ba5b323af73b30db504dec4c744

  • SHA256

    65134e4c003ec40ff73f022869566a379a01b12cb813f5d0ba37928e19046e2f

  • SHA512

    4c644aaec987e99f14ae0725c093fe1eb1d75aef1d8023b86db7ece66cf1c7a5601cac982df8bbb1a4e281d332cbb573c872dafc829d9f0b59f501093c66213c

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px7q:n3C9uYA71kSMu08px7q

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
