General

  • Target

    91ff6c48df9c11d80cf91dd37b3b1a10_NeikiAnalytics.exe

  • Size

    103KB

  • Sample

    240601-hxx9maec44

  • MD5

    91ff6c48df9c11d80cf91dd37b3b1a10

  • SHA1

    c3ae48eb15c61b918b6a02a3366621534229bc4a

  • SHA256

    c0396674dc1f3bd16806afe2fb51c53358126b51b28290139cce6bacf316a505

  • SHA512

    06b54e9c84d4e938217eebbfdc4dd5ac11a4c02996b272734fbee0ba3c78c490d33d2c70524caa0be7a1c2ff63f8e54893500bf006bf2155b0e008ebfc4ee454

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoTNKDeS98hPUdHV7RNzfnLnN3oT:ymb3NkkiQ3mdBjFo5KDe88g1fR8R

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
