General

  • Target

    3e8c3c536d1fb5ef4d506c5acc8b8420_NeikiAnalytics.exe

  • Size

    95KB

  • Sample

    240602-f2ypvacd2v

  • MD5

    3e8c3c536d1fb5ef4d506c5acc8b8420

  • SHA1

    b347039daa84ead5787f3d4d85e5bbc33416d2ad

  • SHA256

    296b1b0a81575db2b7277b23ad109a16330e30c52aeddf10c274c9ab093c6644

  • SHA512

    7b0924a3c1a1b865f7bc8ff76552270b3e2077a9a212ac871dc786a12c9835c72b4afe36fa33bff5714c403efa79de3ca042adf0bc34c3e3517ccd25b6519bed

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAW:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrR

Malware Config

Targets

    • Target

      3e8c3c536d1fb5ef4d506c5acc8b8420_NeikiAnalytics.exe

    • Size

      95KB

    • MD5

      3e8c3c536d1fb5ef4d506c5acc8b8420

    • SHA1

      b347039daa84ead5787f3d4d85e5bbc33416d2ad

    • SHA256

      296b1b0a81575db2b7277b23ad109a16330e30c52aeddf10c274c9ab093c6644

    • SHA512

      7b0924a3c1a1b865f7bc8ff76552270b3e2077a9a212ac871dc786a12c9835c72b4afe36fa33bff5714c403efa79de3ca042adf0bc34c3e3517ccd25b6519bed

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAW:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrR

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks