General

  • Target

    531afecf144f8f7296d72bcc557aaa40_NeikiAnalytics.exe

  • Size

    251KB

  • Sample

    240530-pab67she49

  • MD5

    531afecf144f8f7296d72bcc557aaa40

  • SHA1

    aa961b64e4b4886938d62ba59fe89404430de701

  • SHA256

    4c2cdea434aaed1d8ef22e85f31592f7abf811e4d4bce3b60fb21868462d70b6

  • SHA512

    7fb4d27bbbd11102a726e7d426d83032a240089fd0cb36b6008929c5be64ff067305844beb57b5de15db15b95d00a4031d44f17bda03d2130f3c9ccec31a52eb

  • SSDEEP

    3072:chOmTsF93UYfwC6GIoutieyhC2lbgGi5yLpcgDE4JBuItR8pTsgZ9WT4iaz+h:ccm4FmowdHoSi9EIBftapTs4WZazI

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
