General

  • Target

    85c9b26eb5cc78b5a6f936ef1b1be870_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240523-zmjf6afh4v

  • MD5

    85c9b26eb5cc78b5a6f936ef1b1be870

  • SHA1

    04888c5d23205b8cc8bb893ee375a1f3e3e7c28d

  • SHA256

    a39ab4603577fd45f487ca280bb56404013a447c79e784ea7a4ff1fe289f6333

  • SHA512

    19f422a1310c7b8c4f00b0f916543615f9fef8cc8f78e23174d5ad7dce669fb9240d5b3b6cc26ec0ed6cc2087371ddcff65ba950451fbeaab2355c80379c4f47

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFosxXGPXbXQMFHLgDWSmjlkFZ:n3C9BRosxW8MFHLMWvl+

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
