General

  • Target

    5e19d436e2167778eb5596e16c49fb20_NeikiAnalytics.exe

  • Size

    440KB

  • Sample

    240530-blawmaha6x

  • MD5

    5e19d436e2167778eb5596e16c49fb20

  • SHA1

    f8e48141d4318f5cf47b3a1d8f8faf37b0c3634e

  • SHA256

    45255d4f37ac8ffba92977d0c93f70855dc8191f72822b03881f5a195d07f830

  • SHA512

    377036011e5137ef6e770a650927ff3a36d4b73a1fb9e11b6ca49e4c4aa4006c6024c827a1cdc236c9253e208ea22c0c747da48511654f027cc05afe1abfa351

  • SSDEEP

    6144:xozXQKqfmiiyWwuiFOLeyOV0R7YRXxMSaAP:xgXQKSLpOCtV0R8xMSaAP

Score
10/10

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks
