General

  • Target

    6b5e03de7de22e91123c0c5427a20e89f19cf29ec21daa8d9df2a7938fbebc54_NeikiAnalytics.exe

  • Size

    77KB

  • Sample

    240621-n5dsvayemd

  • MD5

    a213360eafe0465c0de9c975f83106b0

  • SHA1

    50ce85132d381198766f7af8d7a7984deb7da7f4

  • SHA256

    6b5e03de7de22e91123c0c5427a20e89f19cf29ec21daa8d9df2a7938fbebc54

  • SHA512

    455bc0c1ee0dc23416c115996c7121c3b204d65b333bc70670215fb26c0edc5a8b6f65c2d148454948fed4c0bd24223253980a22365ed1c253fccd6a26aeff46

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIIpIo60L9QrrA4:ymb3NkkiQ3mdBjFIIp9L9QrrA4

Malware Config

Targets

    • Target

      6b5e03de7de22e91123c0c5427a20e89f19cf29ec21daa8d9df2a7938fbebc54_NeikiAnalytics.exe

    • Size

      77KB

    • MD5

      a213360eafe0465c0de9c975f83106b0

    • SHA1

      50ce85132d381198766f7af8d7a7984deb7da7f4

    • SHA256

      6b5e03de7de22e91123c0c5427a20e89f19cf29ec21daa8d9df2a7938fbebc54

    • SHA512

      455bc0c1ee0dc23416c115996c7121c3b204d65b333bc70670215fb26c0edc5a8b6f65c2d148454948fed4c0bd24223253980a22365ed1c253fccd6a26aeff46

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIIpIo60L9QrrA4:ymb3NkkiQ3mdBjFIIp9L9QrrA4

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks