General

  • Target

    619089489b8649194369db2f2a308c00_NeikiAnalytics.exe

  • Size

    211KB

  • Sample

    240530-dga2yada23

  • MD5

    619089489b8649194369db2f2a308c00

  • SHA1

    3cadffbf5c17f7718afd14d1216a0542387f814a

  • SHA256

    92529b42243a75827fe56eec5c0f60f98ae670263b98ecd1667091d14f5d048e

  • SHA512

    9fb0fe84eb73acf239aafd4805b78379187b547a3e36364fef6e06fd9dd773646a685c28cd26094699547b8f4bf174099e42ac172bd9092d6bb4f5f8ddf9b135

  • SSDEEP

    6144:Hcm4FmowdHoSrXZf8l/ubPzYNLPf4t+lQ:V4wFHoSBK/ubLcfy

Malware Config

Targets

    • Target

      619089489b8649194369db2f2a308c00_NeikiAnalytics.exe

    • Size

      211KB

    • MD5

      619089489b8649194369db2f2a308c00

    • SHA1

      3cadffbf5c17f7718afd14d1216a0542387f814a

    • SHA256

      92529b42243a75827fe56eec5c0f60f98ae670263b98ecd1667091d14f5d048e

    • SHA512

      9fb0fe84eb73acf239aafd4805b78379187b547a3e36364fef6e06fd9dd773646a685c28cd26094699547b8f4bf174099e42ac172bd9092d6bb4f5f8ddf9b135

    • SSDEEP

      6144:Hcm4FmowdHoSrXZf8l/ubPzYNLPf4t+lQ:V4wFHoSBK/ubLcfy

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks