General

  • Target

    184143f6c170139189008c1087f7ae90_NeikiAnalytics.exe

  • Size

    180KB

  • Sample

    240519-xbk5hacc2w

  • MD5

    184143f6c170139189008c1087f7ae90

  • SHA1

    ec649e9b43d888ddbca405153f8521663ffc7119

  • SHA256

    1ab957d1b6b336153a7a0646b185a386bb80b0a4a9c400223424e5a8a2343561

  • SHA512

    540c90dfa2e0066f194db81fdb129694c7862b7255f36e1a21d0c96dd04852b5ac0518e4139812c8a623da188d2dd13f6832453f30b57e0b393a1cdfd1ea2b15

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJPhbMm:PhOm2sI93UufdC67ciJTm5hIm

Targets

    • Target

      184143f6c170139189008c1087f7ae90_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
