General

  • Target

    17f184c76383eb3d95dfaf1fa18b7190_NeikiAnalytics.exe

  • Size

    163KB

  • Sample

    240606-qhgx4aee7w

  • MD5

    17f184c76383eb3d95dfaf1fa18b7190

  • SHA1

    2f7f77bb30f5dfb93cdf784534d79d332d58af70

  • SHA256

    8cbe718f5eb67ecf9cf7b126b3caff07738ae044cfb5cd2165f751ce842687dc

  • SHA512

    494e2070c155b6de18e057542a651255cd475f85180d692dfba273f771df74178d3f37f82a15673da5116af7e3383f179c1070c974c42ff7f0194abb16f2ebf7

  • SSDEEP

    3072:chOmTsF93UYfwC6GIoutieyhC2lbgGi5yL3:ccm4FmowdHoSi9E8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
