General

  • Target

    a3f5d4bace6a31f1d169342456143470_NeikiAnalytics.exe

  • Size

    174KB

  • Sample

    240603-p1x7csgd24

  • MD5

    a3f5d4bace6a31f1d169342456143470

  • SHA1

    12896b3a86a9895bebc34ea61be2ef6688070e26

  • SHA256

    bb2922309240de82a1c4051528931bfad010870e0321109f0b84270bef7d843c

  • SHA512

    45cb85254e9e065db47e963a8510b0660cc16f36c1a8985f763d683e7a8cc5d3ebdb76933ade9e25454880bc2c1b0ec64c866727dc3b272f31188d33e1729855

  • SSDEEP

    3072:6hOmTsF93UYfwC6GIoutQ0tSe5yLpcka62c+8+dRNN7Yk+6C2Wr:6cm4FmowdHoSQ0tH6lCXb7Ybr

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
