General

  • Target

    0e6d661772d8f57658301e23ec7cf94a998bdf77fbeeeca6c17f0fda09cd8996_NeikiAnalytics.exe

  • Size

    200KB

  • Sample

    240620-zyc4hsxcng

  • MD5

    af6484eba037de11f64fd2ebdf94b440

  • SHA1

    2ccbc1f5ba655263fd9e751a3b6e59d55eb485f0

  • SHA256

    0e6d661772d8f57658301e23ec7cf94a998bdf77fbeeeca6c17f0fda09cd8996

  • SHA512

    30b19a01d3beaee2c3c9ce9d4de6a73ea55917c99c6a5293a915921ca0f1e0cfdde0baaeb781cdf41970e2af2129ec51bdbbc383c3745c75d6acdb025cf7d10d

  • SSDEEP

    3072:ZhOmTsF93UYfwC6GIoutFza6BhOmTsUm82xpi8rY9AABa1JePQKN1hJCbI:Zcm4FmowdHoSha6Bcm4JddW7Y6XJCbI

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
