General

  • Target

    03b7c4e87d78445976145c87a624262ee0a883a3a485b40e0f6f14ff87365c62_NeikiAnalytics.exe

  • Size

    58KB

  • Sample

    240620-vmmflaybna

  • MD5

    099d9a3dc80c59c98e8ebb853b698f20

  • SHA1

    e4cb2c72799fec2d6c2db087044a5fea0a65ca2e

  • SHA256

    03b7c4e87d78445976145c87a624262ee0a883a3a485b40e0f6f14ff87365c62

  • SHA512

    a80cce89a0bb14d525ba267d3f84830aa84ac5c4b87885ce4f0bcd0900dec89afdf0cc7cc1b04926b01d2b314eb94faedb0c88f6e111beca59871ee497d10046

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoA8:ymb3NkkiQ3mdBjFoR

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
