General

  • Target

    5f4e8c81f9156ba79297d5b1e61ca63075ee57408690d6d3366ee64e6991b4bb_NeikiAnalytics.exe

  • Size

    295KB

  • Sample

    240621-l43pgazaqq

  • MD5

    256edf8e3a2aea0457ffdfc753de7e10

  • SHA1

    e476606db068fce98281e0222faed4bd547b92fa

  • SHA256

    5f4e8c81f9156ba79297d5b1e61ca63075ee57408690d6d3366ee64e6991b4bb

  • SHA512

    e64480436cf2d08b3d7d9c29353239b43adcdac76c35e9be2708ecb387a95f04893ab75611aaf2421e4a3fee0e1a3e000f5ff4a512c836ad279b75ec4841f6df

  • SSDEEP

    6144:ccm4FmowdHoSQkuObHq9ltAszBd+za/p1slTjZXvEQo9dftOU:K4wFHoSQkuUHk1zBR/pMT9XvEhdfj

Targets

    • Target

      5f4e8c81f9156ba79297d5b1e61ca63075ee57408690d6d3366ee64e6991b4bb_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
