General

  • Target

    d7802181f57be93701be7f29cb7e6c00_NEIKI

  • Size

    221KB

  • Sample

    240509-dgz13aeh3v

  • MD5

    d7802181f57be93701be7f29cb7e6c00

  • SHA1

    7712eed21792defcf730acbe103270c813edd15f

  • SHA256

    906ac2c42248bc9d9d3f85ae7e02b247211dd332c130fd733b55debaa5c2c83f

  • SHA512

    1ab2f4ca2d32043c9c9c03fdab3181b45d5b91c2454fae36f75faceef553eacc9dbd65109b378106dec22b6f9596023a961933ee4a97b51515b8535772771cb1

  • SSDEEP

    6144:Jcm4FmowdHoS3dGmS4Z1hraHcpOaKHpaztyzo:T4wFHoS3dJS4ZzeFaKHpCco

Targets

    • Target

      d7802181f57be93701be7f29cb7e6c00_NEIKI

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
