General

  • Target

    d55270cafea1ea02b34e18f382a5c240_NEIKI

  • Size

    452KB

  • Sample

    240509-db9cjshc95

  • MD5

    d55270cafea1ea02b34e18f382a5c240

  • SHA1

    f2d71c609d8822af604e708e40a365cc699f4018

  • SHA256

    7b2593b932c6984d56dcde774eace65b65ca8ca37dae91355629c17ee04d1a3c

  • SHA512

    51823c9315cf28251733cfbd3fbf61a5f56b06eb8cb875407adbd42ba1ed948451fdeaecd5d1ee75faf395d0a30eff93f43d18b999d887474bf78262a9b1c306

  • SSDEEP

    12288:04wFHoSyd0V3eFp3IDvSbh5nPYERM8mXzploW:rd0gFp3lz1/uzploW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
