General

  • Target

    d850c481ac2c614ce504f246cb4d7370_NEIKI

  • Size

    276KB

  • Sample

    240509-djwfnafa2y

  • MD5

    d850c481ac2c614ce504f246cb4d7370

  • SHA1

    3152b6540ef5a69cecd19a96210f7cef980e5fb2

  • SHA256

    392b8ac1c42bcfc8d69ddb448d1bbedc48fe4da16d347d489433f3db4dbe5433

  • SHA512

    6db94579be57290056c3f3cde12c4742eb044f11f0193f25658255895e79db5a0680f15007ea08123cc71673ac1423805779c2c8563b108967d3390c5e65e58e

  • SSDEEP

    6144:M29/mNORLSdn7MUZst5qXsunbLwMddjPXmF6EC1LlzxAKN+xTU5AX/KXWZCKl/j:M29/HR+pMUQunbpd/mF6ECJlzxAKN2Xh

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
