General

  • Target

    66c5281c63ab8a1a9cb1c935ff657e7df6fcb723e15a1c3ef0e1e15c10b388f4_NeikiAnalytics.exe

  • Size

    259KB

  • Sample

    240621-m989waxcnh

  • MD5

    c482e0e7077dc00466e042b39fb52730

  • SHA1

    3fd8e266ee450e7af35683c5de3032c714f1ca51

  • SHA256

    66c5281c63ab8a1a9cb1c935ff657e7df6fcb723e15a1c3ef0e1e15c10b388f4

  • SHA512

    a0c229edea1f330d24e4d1aaca6386017fffd34a470bb6b77ab2761f49b7f077f8f84a40bcb16b63d650aac90420fa6d8071c82e0ae64daf843bf17bc83abcb2

  • SSDEEP

    6144:kcm4FmowdHoSphraH+W0+9JGW594s2jULIDNc71ra8:y4wFHoS3eeWR9JGW594tjU6wg8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
