General

  • Target

    0e906459f1fb11fef4b94cc46b33a160_NeikiAnalytics.exe

  • Size

    389KB

  • Sample

    240606-nsc1sadf4w

  • MD5

    0e906459f1fb11fef4b94cc46b33a160

  • SHA1

    9d8c8877106505a269332fe126b82a0625410556

  • SHA256

    08de78967cd165651f5b323ecf0f380639306d25d4131720a66da4f5ce1c0398

  • SHA512

    436c3eadbef302ea3bb56c0ad3d5a7a1bbcdd8d348d10056901aaa4dd4b1d556854a0f10ba6e0ed71bd8c930e9d307ede70f8d6c42727f05675d98ca3ad3e498

  • SSDEEP

    12288:n3C9ytvngQjpUXoSWlnwJv90aKToFqwfm:SgdnJVU4TlnwJ6GoN

Targets

    • Target

      0e906459f1fb11fef4b94cc46b33a160_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
