General

  • Target

    61c669c214704a1abdeae4a5d94107b4fd3bea846b0c3c1efed8ccee6392a14b_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240621-mj7clawdje

  • MD5

    2be89c94105158475ad8ecc4866a0250

  • SHA1

    39e06a6b10fdb005c3ee7955209c6e1b9cf5d8f2

  • SHA256

    61c669c214704a1abdeae4a5d94107b4fd3bea846b0c3c1efed8ccee6392a14b

  • SHA512

    2fc59941482e7185d0a50c54de4fd0b1e27707dccbc2c00722103fcd05ea8f9e8272567fe2331b05e754b186259dfe06d7b413fde259cc061021b92baa159f27

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxS1rj/21M:ymb3NkkiQ3mdBjFo73PYP1lri3K8Gy

Targets

    • Target

      61c669c214704a1abdeae4a5d94107b4fd3bea846b0c3c1efed8ccee6392a14b_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
