General

  • Target

    d968cdcebfc5d9147f9821bf088ed4e0_NEIKI

  • Size

    187KB

  • Sample

    240509-dl8h1afb5v

  • MD5

    d968cdcebfc5d9147f9821bf088ed4e0

  • SHA1

    3674645e3c00bc568fdffee16a3236622aef3273

  • SHA256

    d84febb56033e0e56793f042cf0c5fc32a7b90f05b2cd892f0434c7e5f2c98e2

  • SHA512

    46f116adb7f474e515e27c04180b8219425fc69b820a4db81f0453da6ff50d66571995117b97b5291d986d3699f9a14298ad54bca92fa492f6733f0cd9eb396c

  • SSDEEP

    3072:RKPdlg2HmZP2rJWxbq7H+npMHnY/ehZl2NkzwH5GJks8WYlOWe7VsayDZVZev1N:RedlZG9iWxbq7H+npMHYWT9zwZ9s8SZN

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15