General

  • Target

    d9e1a53c7c51a8ce887d324a51a0bef0_NEIKI

  • Size

    115KB

  • Sample

    240509-dm5hqsaa95

  • MD5

    d9e1a53c7c51a8ce887d324a51a0bef0

  • SHA1

    aaf1c27ad5516f664296265bef77871f1e86a449

  • SHA256

    d719c2a3909545bcb191f35f2eca9907dbb342220a8cd90f32957777ad8a4a5d

  • SHA512

    71e9551b78ebb8cac2b15bb9d93388732de7a1200b3d13d914dd89a3909352bf43f9d333fe51bd0a245e0ac981674dde1f7e8f45faaaff5279a69d9e2b045723

  • SSDEEP

    1536:9r2pi24a1jcJK2L3yvCbrIRQW1ooQUPRMcu30MUwZkTKr4:tJ2bct3dbrIR/SoQUP5u30KqTKr4

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
