General

  • Target

    02dc5863cab5e494975cd8966a1fb1c4edd08fc5c1bf7f6647ac7b9ce2d1b0cb_NeikiAnalytics.exe

  • Size

    114KB

  • Sample

    240620-t28rps1fjj

  • MD5

    2a0d678296f2476a3e9a03b024d50780

  • SHA1

    cb9704d13784602fdb79f58c6b70ec934ec8b5ea

  • SHA256

    02dc5863cab5e494975cd8966a1fb1c4edd08fc5c1bf7f6647ac7b9ce2d1b0cb

  • SHA512

    8494b9e31c982ab1b3632b2dde0fc0497351d7a025f076e2523689ac737ad2b7665e20ef7cbfb279cd4e397eb430379f1a912fa2d318e819dfa8ea9e05aff17e

  • SSDEEP

    3072:xhOmTsF93UYfwC6GIout03Fv9KdYGUgeLM:xcm4FmowdHoS03F2Y9FM

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
