General

  • Target: d9a6f5e894eed868b0894b6ae1b74990_NEIKI
  • Size: 445KB
  • Sample: 240509-dmsh6saa77
  • MD5: d9a6f5e894eed868b0894b6ae1b74990
  • SHA1: 8c37c7bfcd996b004f1cdcd43007e1e3159d1de3
  • SHA256: ce35595d800e5f1800538e89987ac9578c922e5b675bf746d3cfd9f0dca419fb
  • SHA512: 31750ad7d113ddf6352be6b208c54056882d8e3e92744a66ef27b61de63954277b32d26d68681c039ad8d35b7204d66f1f42ef75690b2ac41c613c0807464b22
  • SSDEEP: 12288:qOeMVb0pV6yYPMLnfBJKFbhDwBpV6yYP0riuoCgNbbko8JfSIuMUb1V4D0:qOeyQWMLnfBJKhVwBW0riuoCgNbbj8Jq

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks