General

  • Target

    d4c6811174e2a531e04665066a968ed0_NEIKI

  • Size

    177KB

  • Sample

    240509-da2lbaed8v

  • MD5

    d4c6811174e2a531e04665066a968ed0

  • SHA1

    90cfd2e7bea845a3a004119d6154e67375190282

  • SHA256

    82cd66a80ca8ed83cad5c0aefaa903d58f4f2b9892494e12ba85eb36722ddd8d

  • SHA512

    0bca210c00a2115113564d4b2cc9f5f8f45453c1aaeea2d7034141187444b046e4a5569bc31e72803910623b7f40f6863c0cb1357c0558fa2cc1025ebec802b3

  • SSDEEP

    3072:Sqdztmu67tOgHig3q/haR5sS+vfvLHhjh8g1eGFyOsa:SKzMfbCga/harSvLHh98gwG0ON

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
