General

  • Target

    650a30a1bfa12db10a811ca8edd1a810_NeikiAnalytics.exe

  • Size

    185KB

  • Sample

    240530-fcn44sfa7y

  • MD5

    650a30a1bfa12db10a811ca8edd1a810

  • SHA1

    68c76ea52e040d14095483e4c0eee6a4c46f5176

  • SHA256

    ea537a64ada8b3bb44bbed45d74ec94c961bf3cfd48520baa779f5ffdbc0609a

  • SHA512

    6bc67fbedd9b07303b5356dd292b324dfdf820abe49dcb1e501fbb1c2cb1e35e8a0aba06915802111f904a65e9a9a361fc0942391271a4dcda68f9fbaba74cf5

  • SSDEEP

    3072:3hOmTsF93UYfwC6GIoutw8YcvrqrE66kropO6BWlPFH4tw1D43eMc:3cm4FmowdHoSzhraHcpOFltH4twl43vc

Targets

    • Target

      650a30a1bfa12db10a811ca8edd1a810_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
