General

  • Target

    b716963946e2f99989a6f17de94f25e0_NeikiAnalytics.exe

  • Size

    966KB

  • Sample

    240614-l8gmsswdjh

  • MD5

    b716963946e2f99989a6f17de94f25e0

  • SHA1

    0426d4d8bb38f8b4196f82c7b9cf433470153007

  • SHA256

    22f3dcfa88dd3d383c587f562a1cadc08a00fac24d794f51cf4f1921fdba9e5d

  • SHA512

    6f4cf78cc82e8a5a98222b3f9e5b546d36133c728963c7067e1335af04ba5b1d54228ca3fa68a543a93db0ef9e41bb09e8db07f34cbb158783a0c3ee66fb94c9

  • SSDEEP

    12288:n3C9ytvngQjy3C9I3YEWpYe+GalTLfOX+I3C9S3C9ytvngQj65syLr9fuWpw:SgdnJVwLgdnJq9fu3

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
