General

  • Target

    d6c87d9e8edf5ac75d48a8af6d6bb270_NEIKI

  • Size

    115KB

  • Sample

    240509-dfmdkseg4y

  • MD5

    d6c87d9e8edf5ac75d48a8af6d6bb270

  • SHA1

    198c41fb19eee70b74cefd7c65cd37ec1596d52b

  • SHA256

    29eed7aaf34ee6e92f2f99cb30ad60d082714ff5f06d6df0009d2c374c1d208a

  • SHA512

    55b37848362eac04e11b048d762fd6f38884e4e2eeab31f2f61ab84b3c717a6ed6ef2e2e266e395cd6d3578c1004a40f7897c43e287ec3d88bc5821465b3d00d

  • SSDEEP

    3072:Isz6DQruRN75RPTXYwggSUdbrIR/SoQUP5u30KqTKr4:Isz8VHqUhrIooQUPoDqTKE

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
