General

  • Target

    12e081eda489304fe66bf970081ed940_NeikiAnalytics.exe

  • Size

    487KB

  • Sample

    240606-ph6qsaea5y

  • MD5

    12e081eda489304fe66bf970081ed940

  • SHA1

    08917c16730fa4a806e907aced4fd2aed937aa1f

  • SHA256

    a4bb3f09967509d669786aacce2a29dcdb531b8825a5e8f33af20712d27852ec

  • SHA512

    f528d63d7d2f4679e841ce4f614e9dec45be3f7689cf92086812d98f14420384df1edbf65d080112c8ebc4365658262305095a4a7c0fb0cde5160a02fbcabae3

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwu1b26X1wjdgyPPB7:q7Tc2NYHUrAwqzQ7PPR

Targets

    • Target

      12e081eda489304fe66bf970081ed940_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
