General

  • Target

    8e88a18128b197533de31b961a56cc10_NeikiAnalytics.exe

  • Size

    75KB

  • Sample

    240519-g141xaeb37

  • MD5

    8e88a18128b197533de31b961a56cc10

  • SHA1

    5951543af24e3d6036b8abec6a52e63b9c0d2828

  • SHA256

    904fdcfa4c8f441b2153f8a90fd917f2693165915301054af88a5e12cbbb08ee

  • SHA512

    bb2a5fd562a7b624d607718802ac3711abb6b75cc0081103bf36297aa406b4a6b99940ca29366867871429962b54e0ef9984c3d92d786b5027cd815d0e39b7fb

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIpWCz+FR4RzWqC5f:ymb3NkkiQ3mdBjFIsIpZ+R4RzWqCx

Malware Config

Targets

    • Target

      8e88a18128b197533de31b961a56cc10_NeikiAnalytics.exe

    • Size

      75KB

    • MD5

      8e88a18128b197533de31b961a56cc10

    • SHA1

      5951543af24e3d6036b8abec6a52e63b9c0d2828

    • SHA256

      904fdcfa4c8f441b2153f8a90fd917f2693165915301054af88a5e12cbbb08ee

    • SHA512

      bb2a5fd562a7b624d607718802ac3711abb6b75cc0081103bf36297aa406b4a6b99940ca29366867871429962b54e0ef9984c3d92d786b5027cd815d0e39b7fb

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIpWCz+FR4RzWqC5f:ymb3NkkiQ3mdBjFIsIpZ+R4RzWqCx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks