General

  • Target

    1e2889c662ee8c51597f9004f38756e0_NeikiAnalytics.exe

  • Size

    233KB

  • Sample

    240606-v7elgshc9v

  • MD5

    1e2889c662ee8c51597f9004f38756e0

  • SHA1

    b560df40c40318c1ea4b64737b9011ca799e1475

  • SHA256

    ef1ba9147adf9b7554d250d5c390deaa7a79e5b4b933ad3d6ef673f796f4a30b

  • SHA512

    51a62d4841a8858ab29f988f063b95dfbf3623005c33383e81dddc3d1306585f6c9402d291f9306a234f1efb330739bf1aa498fa60f245c750f2bbe59dfa9a8c

  • SSDEEP

    6144:kcm4FmowdHoSSGpJw4PqhraHcpOmFTHDGYhEf5X2a9N:y4wFHoSSGpJwGeeFmFTNAp2AN

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
