General

  • Target

    0e5b8170744b93339ebaf8e778a655120acc183585d3be851d54514f078bbb8c_NeikiAnalytics.exe

  • Size

    381KB

  • Sample

    240620-zxj6faxcnd

  • MD5

    f20f6992ba29f93df115c5221a45c370

  • SHA1

    1e0e9171f315defa7d244280936ad8d48b936d2b

  • SHA256

    0e5b8170744b93339ebaf8e778a655120acc183585d3be851d54514f078bbb8c

  • SHA512

    be6078436025a765a3d16e19f0a01f4f1f6f92fac41e16f4e79eb952529f5ad1f78aae2c4635cd2adcc9fb71de94351548587c60f3525ae8ba70f4bdca3b733c

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVov:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoX

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
