General

  • Target

    d8e9fa161c70d44bc95877918d0b5330_NeikiAnalytics.exe

  • Size

    449KB

  • Sample

    240606-wv462sag92

  • MD5

    d8e9fa161c70d44bc95877918d0b5330

  • SHA1

    c8b8267f866e8829e9a0f707fd1f1e68570cf6e7

  • SHA256

    c738af45c34108c75fb7e666770360f41b2eff2467cef76145f3ae880980b808

  • SHA512

    733821ce796cf5e25c7401b7d461507c062b03d3fa931f1c47568930649f1adc31912241fdd95f3ae707928a9d1df1f18f6968edc29b6a2ab0c857c026ba3534

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeJ:q7Tc2NYHUrAwfMp3CDJ

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
