General

  • Target

    6a7115fb6bf0496dab42b14ee6d5b470_NeikiAnalytics.exe

  • Size

    79KB

  • Sample

    240523-bk8fhaga7t

  • MD5

    6a7115fb6bf0496dab42b14ee6d5b470

  • SHA1

    ab46f5e2a4dbc3c5be0cd03cc3af5448661e0633

  • SHA256

    8f2a49a1147bae3b334f719d950e796350e70141268da8fd42b0d4c8c4af76b7

  • SHA512

    9d0b1994703c6bacdbc8fa0ecc5a7c353794185e3c8a0bd4ea8e20e0013d1ad4d4d12f6e7e880308d1417ce2b63c59ad812fc4ae71b7237257d20987801a0088

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgJb31HgxGc+gmvZW6DWfv5:ymb3NkkiQ3mdBjFIUb31HgxL+gmvZW6a

Targets

    • Target

      6a7115fb6bf0496dab42b14ee6d5b470_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
