General

  • Target

    01c560c31e699477477f6f51579fea79f7b0fa61354f80bf2a734e15af2a9d9f_NeikiAnalytics.exe

  • Size

    441KB

  • Sample

    240621-q6ms9asdmg

  • MD5

    b4b308ac9e3770f0e86d2d1bc5d94400

  • SHA1

    63af76e8a49b34b9e6aa86c8951e03194a3fa172

  • SHA256

    01c560c31e699477477f6f51579fea79f7b0fa61354f80bf2a734e15af2a9d9f

  • SHA512

    277a23f5feba4a8813bf7eda5e1621b809f696e44c680d51780bd5bffbd701786d5aa5b5d24562be8725ed7d6f492ef084f694775ba017286ca3a942cb04696a

  • SSDEEP

    12288:w4wFHoS9KxbNnidEhjEJd1kNpeUgI95yRoZHVaoJMOxFXnRV4PiGO0hUmH5G:kKxbNndhjEJd1kNpeUgI95yRoZHgoJM6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
