General

  • Target

    d5392a54526c217553ed1be22db63f20_NEIKI

  • Size

    125KB

  • Sample

    240509-db43tshc88

  • MD5

    d5392a54526c217553ed1be22db63f20

  • SHA1

    7f95c29c9c347c87ffbf5cf4b3f70da55a7698d5

  • SHA256

    4f9cfab6217efa76b3c030cf377874aa45a51c176b695f8c3c97860ee179df60

  • SHA512

    4cd480e5acfca1787c6dff79f65d244d8c18bc1ca78e7bd1512f529819033a7bfd434835c7e66c7b3ee55a0d29658db5c217565bf7cf3fe57175566c8074350a

  • SSDEEP

    3072:wJNRzgHklhvygjo4cd1WdTCn93OGey/ZhJakrPF:wJ7gHkPvyg84ceTCndOGeKTaG

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
