General

  • Target

    135aa87215022467889461a9c20dd3c0_NeikiAnalytics.exe

  • Size

    138KB

  • Sample

    240606-ply54sfa67

  • MD5

    135aa87215022467889461a9c20dd3c0

  • SHA1

    c2afd4eea200570f6b62a6204011c563d7fb78e8

  • SHA256

    add682d96589038d32537c2dc7eca7bb9fdb0b55a4f4c2424a26f27464754ca7

  • SHA512

    0e3eb8e9f1a6e1aee7ee2a84a887c4445d236c7b2b2c7fa61d6eb6166ba5e838196a494ae872e0a188ab4f7b4f4834c6eeaf0eb8b191fb454178e63910b524ed

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BfDKPeGrRN:kcm4FmowdHoSphraHcpOaKHL

Malware Config

Targets

    • Target

      135aa87215022467889461a9c20dd3c0_NeikiAnalytics.exe

    • Size

      138KB

    • MD5

      135aa87215022467889461a9c20dd3c0

    • SHA1

      c2afd4eea200570f6b62a6204011c563d7fb78e8

    • SHA256

      add682d96589038d32537c2dc7eca7bb9fdb0b55a4f4c2424a26f27464754ca7

    • SHA512

      0e3eb8e9f1a6e1aee7ee2a84a887c4445d236c7b2b2c7fa61d6eb6166ba5e838196a494ae872e0a188ab4f7b4f4834c6eeaf0eb8b191fb454178e63910b524ed

    • SSDEEP

      3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BfDKPeGrRN:kcm4FmowdHoSphraHcpOaKHL

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks