General

  • Target

    a4d80a476301d1af81a9b73f0eb1e1d0_NeikiAnalytics.exe

  • Size

    56KB

  • Sample

    240603-qm8xdafg9x

  • MD5

    a4d80a476301d1af81a9b73f0eb1e1d0

  • SHA1

    34b20c1ffff7e01e39ba94f7613ef2ec5c52a735

  • SHA256

    2c54a6a502f769b703028eab0ebbdc9f677569d6b2943ad5e42b1b5f13a32d18

  • SHA512

    f0b1da0fd381573100d6c901c6ebccf9f8323962257f5ad7b41c4bc696b44188d3bdcd3c469c1f91cf277adad42176fa42a75a0422c24185bd81ef601856a95d

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVVb:ymb3NkkiQ3mdBjF0crVb

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
