General

  • Target

    a12074f8e97a865af036978b96d2a5a0_NEIKI

  • Size

    73KB

  • Sample

    240508-chg17sfd97

  • MD5

    a12074f8e97a865af036978b96d2a5a0

  • SHA1

    3d9203d641333c995eb23f0dcb702ce715edf16e

  • SHA256

    b043b00b525f363755f1a6e5d98ddef8e01156cbf1c88b76072c65b772db42c2

  • SHA512

    7023104acc6bd05acf174e4a6542c49b05f799ee37ea1ef360a20e472ae490a98bb42cfb4b65ffd8ff01f0dc4226e140d37108a10e243b4dbec64165be5b0364

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIjaQkPcy8WTeAw4Pt:ymb3NkkiQ3mdBjFIpkPcy8qs4Pt

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
