General

  • Target

    7172126158ab77902e0f68a0eadba970_NeikiAnalytics.exe

  • Size

    365KB

  • Sample

    240523-b9ff1shc9v

  • MD5

    7172126158ab77902e0f68a0eadba970

  • SHA1

    0c935d475865024cfc7541a6472eccbb85e68e6a

  • SHA256

    0754ec5a288c358ddd09cb7d9bac10492a38f649aca7e20ca24ed2e795661caf

  • SHA512

    3a89f25de3f5c569ace4d9010a9dde7f741a9396fbea5d9b05cd3d18a3bbdd9da9fe7a8e5712bcf799f0ddd181583b14f6e7021baac8cbfe7a2076de45fada22

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwu1b26X1wjdgyPPBR:R4wFHoSHYHUrAwqzQ7PPr

Targets

    • Target

      7172126158ab77902e0f68a0eadba970_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
