General

  • Target

    12a1cf48db42a3b99d3926a248286240_NeikiAnalytics.exe

  • Size

    414KB

  • Sample

    240606-pg9q2sea5s

  • MD5

    12a1cf48db42a3b99d3926a248286240

  • SHA1

    e387ed8cf21f66717b053054c869081ffcc6d090

  • SHA256

    a6617b2f6687b9d4c04c4918fa262eceaf25d475790628ba076650313458e400

  • SHA512

    7880cd72c4454a494d8b2ec91e45ef94bdd273c24b4cae6859213cf3059625a260efb4db2956e37b6f37497acb1c3c603c4b8b0d0505bc0c506017567fe0fa04

  • SSDEEP

    12288:n3C9ytvngQj4DtvnV9wLn9UTfC8eieJNBNIsYPy:SgdnJUdnV9S

Targets

    • Target

      12a1cf48db42a3b99d3926a248286240_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
