General

  • Target

    633667f02100f5c47d026392af484d2cdcd419276ec0b58bd7388d653eb3981e_NeikiAnalytics.exe

  • Size

    235KB

  • Sample

    240621-msvedswfmh

  • MD5

    cf68dc8fd352b4e9a779cec50651f830

  • SHA1

    e76c6c22598a716c6fd19087e65b442e9b21b736

  • SHA256

    633667f02100f5c47d026392af484d2cdcd419276ec0b58bd7388d653eb3981e

  • SHA512

    b15546eded466d7a7a24788c241e89ffdf7f756eaa1b403d6027bf9f5e7c7206384c2cf52651665ed03db598b99cd433a8c5aa6cbc96fbd388f4db57c6752dc2

  • SSDEEP

    6144:kcm4FmowdHoSSGpJw4PqhraHcpOmFTHDGYhEf5X2as:y4wFHoSSGpJwGeeFmFTNAp2Z

Targets

    • Target

      633667f02100f5c47d026392af484d2cdcd419276ec0b58bd7388d653eb3981e_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
