General

  • Target

    d3b54542145c5542197dc8f5a7ea4250_NEIKI

  • Size

    125KB

  • Sample

    240509-c81w1aec8t

  • MD5

    d3b54542145c5542197dc8f5a7ea4250

  • SHA1

    46a243695677986e921633a17e3cdf86903728d6

  • SHA256

    e50944a71e2461257fb9b1a8b1bc47b214c288584d3f72e2e638a0509f362242

  • SHA512

    9e64286df3f4d05a53612a3595650d498c58d0125e1e07c9bcb3df17bd235c5a31cabfa9189730e27e6b70d431da1dfe4548695f16c02fa99a333cd0fa0e31f8

  • SSDEEP

    3072:d/wr2H0i800SLxnrkqcx1WdTCn93OGey/ZhJakrPF:j0in9nr1caTCndOGeKTaG

Targets

    • Target

      d3b54542145c5542197dc8f5a7ea4250_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
