General

  • Target

    d4e0b694e4e5668e13288d282cf9caa0_NEIKI

  • Size

    340KB

  • Sample

    240509-dbfp8sed9y

  • MD5

    d4e0b694e4e5668e13288d282cf9caa0

  • SHA1

    23202ba2adbccaf8596852968b78f4be303cffb8

  • SHA256

    7bff3fba1864af020b9651ba68deb1b7bd8637490b2a9ce26300ccf92970ef75

  • SHA512

    4f9193614e6db91f1d8a8b733fa23c0e43cce9f812f901cb32a91e7407a4ba041e5e9986015091a8b6ce5c645abac5f73b3798bc0ad101c0526e1838a06e88a8

  • SSDEEP

    6144:0I8jBdidIyedZwlNPjLs+H8rtMsQBJyJyymeH:NeBJyGZwlNPjLYRMsXJvmeH

Targets

    • Target

      d4e0b694e4e5668e13288d282cf9caa0_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
