General

  • Target

    d5907eaade0cc9b295244769100a26c0_NEIKI

  • Size

    143KB

  • Sample

    240509-dcr5nahd43

  • MD5

    d5907eaade0cc9b295244769100a26c0

  • SHA1

    dea253960b4b572ed3aa96dc3d31ba280d742fc2

  • SHA256

    7b681d34c6e626286493bedb7ec844bbb3f91bfc494267ab93ced512b79a8ba0

  • SHA512

    45274e243699404c8bf85dedd6db1f5bceeb85b1313e137dee06a8735e1be41f937ae6115c8384f60e4676bd021a08c08caf03fe61c42b648688e0ece99117f4

  • SSDEEP

    3072:ipLEYeS/ZChGC31YOXg6NVjE7W/R4x+PfgOvExcG3N93bsGfhv0vt3y:ipLEn4ZX1OLNVjE7W/R4x+PnXG3vLsGf

Targets

    • Target

      d5907eaade0cc9b295244769100a26c0_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
