General

  • Target

    3c6769a6bb7bfc258ba01697f0b8eac0_NEIKI

  • Size

    608KB

  • Sample

    240508-y5rptadg5w

  • MD5

    3c6769a6bb7bfc258ba01697f0b8eac0

  • SHA1

    e34642433c263024a8f490f384df3ba1b7cbb6ed

  • SHA256

    d101bf72104912a7b9f33c06eaa5919252ee479d0b99457234fdfba3246adc99

  • SHA512

    f294b2561cea87019993ac9f0af0dfe67ba2910369d651f74266a96e6da76456dd396e3abc50e677ef3ac87b7878ca1181c2c9400de1a8efddf1e6dcd9503971

  • SSDEEP

    6144:zJB0PLonpe1h5fqpErm9cRLBOtFWaCfmAU+wDhuXCyW8bQQG7NpAvFVo:zJB0lh5aILwtFPCfmAUtxjEG7NpAvFO

Targets

    • Target

      3c6769a6bb7bfc258ba01697f0b8eac0_NEIKI

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
