General

  • Target

    06809b2b023c3ed97df6e4c635cfe7375e6851b3bb9c221358fed65c7f5987dc_NeikiAnalytics.exe

  • Size

    57KB

  • Sample

    240620-xtpweatalb

  • MD5

    b98deaaa6aeccc757284a1ba1030e890

  • SHA1

    0f4f300cb68c9b2d1d9875a09ddeae113b1bf894

  • SHA256

    06809b2b023c3ed97df6e4c635cfe7375e6851b3bb9c221358fed65c7f5987dc

  • SHA512

    560d2c33a3534a0a0b7aa6c6bf1bb8f42bbc2383f9bab4df159e65d8f5e487e22970864b68722d7d97292b38fe0e70db24349205ee54ad5c7e35f628a3319da6

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVVm:ymb3NkkiQ3mdBjF0crVm

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
