General

  • Target

    2159b259021c83fd27bbf30c54074750_NEIKI

  • Size

    447KB

  • Sample

    240508-x9q4eaeb52

  • MD5

    2159b259021c83fd27bbf30c54074750

  • SHA1

    2d94d80a50bb0ed9db2f3a49ee851b27b2dbad62

  • SHA256

    8b05b4fa81c06919fb40133cdbe4f65c2062af87814f382a1b0647b697e891cb

  • SHA512

    6cd4a3c47b2ee61630283d7f6856073bfb80362cf90d41bdac841381f20c308ad8051599de38a9f6fe8ddf56e81b36c55dc3c5313018c2ab81feca67133b87fc

  • SSDEEP

    6144:n3C9BRo7MlrWKo+lS0Le4xRSAoq78yoyfx93sEqkeGLk:n3C9yMo+S0L9xRnoq7H9xqYLk

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
