General

  • Target

    a4356b0557f192debc47484d9194f0c0_NeikiAnalytics.exe

  • Size

    224KB

  • Sample

    240603-p67yrafb7s

  • MD5

    a4356b0557f192debc47484d9194f0c0

  • SHA1

    18a1e42c273cac6dd56ea6edf8210bc6c802c873

  • SHA256

    582eed74bf8ccb1f7a663066784a73493501c10730f74dfb28945223f49cc652

  • SHA512

    6e1cfcd2aa4491e43fb36f9a38d513613bd29826422657a5f8a0c04c34c0f7eafddbf51d72351ca6ec8d7b9e208761bef66265a2d17399b5fe1426d6e11eca40

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL7d:n3C9BRo7MlrWKo+lxK5

Malware Config

Targets

    • Target

      a4356b0557f192debc47484d9194f0c0_NeikiAnalytics.exe

    • Size

      224KB

    • MD5

      a4356b0557f192debc47484d9194f0c0

    • SHA1

      18a1e42c273cac6dd56ea6edf8210bc6c802c873

    • SHA256

      582eed74bf8ccb1f7a663066784a73493501c10730f74dfb28945223f49cc652

    • SHA512

      6e1cfcd2aa4491e43fb36f9a38d513613bd29826422657a5f8a0c04c34c0f7eafddbf51d72351ca6ec8d7b9e208761bef66265a2d17399b5fe1426d6e11eca40

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL7d:n3C9BRo7MlrWKo+lxK5

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks