General

  • Target

    1d0953d05efec3e53c3fb8ffbd3a8cd0_NeikiAnalytics.exe

  • Size

    81KB

  • Sample

    240602-byk75aed2z

  • MD5

    1d0953d05efec3e53c3fb8ffbd3a8cd0

  • SHA1

    5dcaed28bf86dbe8a84341e4409e4b1e921a1168

  • SHA256

    314b32a30e4c2f5619c10e323343c6cd1d30042a7a5480f7c74e3cbf5f49c221

  • SHA512

    b63c8537f82245e71aae1612043b7832e966d0412600c17509782ece9cc32754ed1f0088d3666d7a936f41896b34a9cd5b0c14c4a8186070465a63d90d7e00a9

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6T7QV:zhOmTsF93UYfwC6GIoutiTU2HVS63QV

Targets

    • Target

      1d0953d05efec3e53c3fb8ffbd3a8cd0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
