General

  • Target

    648b6c2eeecf20ebcfa5207fb938b3acd5ee81a2a57d9c8f71ee12b71cb4d436_NeikiAnalytics.exe

  • Size

    267KB

  • Sample

    240620-p5pqsaybrb

  • MD5

    7d1f2945c2ac642aa524402dc9393810

  • SHA1

    4b3dc03bd7aaa9e9b44e6caed93a515bdc0df801

  • SHA256

    648b6c2eeecf20ebcfa5207fb938b3acd5ee81a2a57d9c8f71ee12b71cb4d436

  • SHA512

    a4c3953255cc55cc8c6c08b0d7b0fc3f793facf26668279fb9e3e2676f6abc69212817be32c9a7428599906490db17acdee9e353e19a27b12dba7d7b7dcc3695

  • SSDEEP

    6144:Ycm4FmowdHoSgWrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmx:e4wFHoSgWjdpKGATTk/jYIOWN/KnnPW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
