General

  • Target

    4171835f7db51b82965ac2fb82fb8d60_NEIKI

  • Size

    135KB

  • Sample

    240508-k86q9afh32

  • MD5

    4171835f7db51b82965ac2fb82fb8d60

  • SHA1

    1b0a7345f56eb710d7d4ac5fb0c88e0ce4fd3885

  • SHA256

    49a5d99c281d4b1bb4a32f00ce36fe31fe3d417b49ccfe9fb2fea3915ccc6ae8

  • SHA512

    62bd3ff663622d35349af16cdfc8a9cfe68ce4634c4b451b50c398306dc8924482971070f8b78adbac6678ea3d18be142ebf77a2dfafaae3b3e150ca944f91fd

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afoHVpx+dGoEjZeiV:n3C9BRW0j/1px+dG3FV

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
