General

  • Target

    24a3c1795f6bae835cc24498ed1d8b19d11dc78dbe6a0a93a9394dcb7f4bece4_NeikiAnalytics.exe

  • Size

    267KB

  • Sample

    240621-a17y8steja

  • MD5

    c71b1c9aafbb90db4ad73df5fa38c080

  • SHA1

    4a7df5b4cb720d186207265120f14dcef15a5ee3

  • SHA256

    24a3c1795f6bae835cc24498ed1d8b19d11dc78dbe6a0a93a9394dcb7f4bece4

  • SHA512

    0f1582539fcfa0e1e5de34d6aa9ab468e6e80176c718623c326f726448b783496b15f0e629a5143a7670d61b1ba08a86152836692dd25bd4a7de5680acee764f

  • SSDEEP

    6144:Ycm4FmowdHoSgWrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmU:e4wFHoSgWjdpKGATTk/jYIOWN/KnnPJ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
