General

  • Target

    1e4396f9762910d948b9ac3f4d102440_NeikiAnalytics.exe

  • Size

    234KB

  • Sample

    240604-b5fk8ahg32

  • MD5

    1e4396f9762910d948b9ac3f4d102440

  • SHA1

    c36446138cd462cef6a226a8697217558adbb933

  • SHA256

    42a3e7b46f0cde7079020d42b5915a357b32a8ddc7ac9661dcc88921b2136a85

  • SHA512

    26e9690e006f8b4ff8b647483b3eed9bd2dcf237e5bf8bc9915c14abd1a800ea661bd18feed11ad8dabd6f407fcc1415e6c8e518a6e3498a5a20b84429fb740a

  • SSDEEP

    6144:kcm4FmowdHoSSGpJw4PqhraHcpOmFTHDGYhEf5X2a1:y4wFHoSSGpJwGeeFmFTNAp2G

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
