General

  • Target

    533d1db68c45e51f86d347c887181d10_NeikiAnalytics.exe

  • Size

    222KB

  • Sample

    240530-qz8gdabf74

  • MD5

    533d1db68c45e51f86d347c887181d10

  • SHA1

    415351a4cc1681035ad8a6b89ca94fb9f743da29

  • SHA256

    a933116eee90795339fe6282b24b4e7975c8807a530a60867c5bee99d20454bd

  • SHA512

    e7fff678d644dec988ff00b852194812fd3aa8fce82380537b3110b39f72899988b1a6a5b11b7b3884647a7a077776b4b2965931c43e24da9fc988e4da896ea5

  • SSDEEP

    3072:us6tuBt6dtwBJ7WpjDEnkeBahPmSBPt7ZY1m/YjMof/ur3KJSE:us6tQ8MlMjit4hPhTlYwYjMom7E

Targets

    • Target

      533d1db68c45e51f86d347c887181d10_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open source UPX packer or a modified version of it.
