General

  • Target

    a507f89791b8abffaded4a48717c9f60_NeikiAnalytics.exe

  • Size

    95KB

  • Sample

    240603-qshmdaga8s

  • MD5

    a507f89791b8abffaded4a48717c9f60

  • SHA1

    17cb54deab18d8d8fea5826ebdcf00c1faa78910

  • SHA256

    b5be4639db0733d12076a36e0ffb68f0469bd13c328bde89f832d40ab2c32b55

  • SHA512

    1e194f7e28d9e949c336ce330b15d827d1e836f256e304d61dfca791548551ad7c37ed06c45f6d3d1e193babc4730f7ad46c28afba8a3cb9a954614283e0cbd3

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAB:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrE

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
