General

  • Target

    d9f1716d4b16fc95d8b7c1c1eaa50110_NEIKI

  • Size

    345KB

  • Sample

    240509-dnb8ksab27

  • MD5

    d9f1716d4b16fc95d8b7c1c1eaa50110

  • SHA1

    847e238e27c651572331c3736a387c41a0ec674f

  • SHA256

    e629d8194da7c293616f67d1cda50ab7907fb4c5242eb533fa59fe7a89ff8e32

  • SHA512

    bd5bd346250b15d4a56b16204c2366975f5eef7c9f39335e1cafbee44041430395ba393c71350e6b90e0a80d8103fec3a01d1113d71b7a95d1d737435fc1c96c

  • SSDEEP

    6144:CFPQM6MaB4muz14QaYgTt+scaHACw6Ykw/a8dWBtp27DpomqcPMwNFN6aeK9kc:OPQ11uznghoaHACwBkka8eGp7dPRr6af

Targets

    • Target

      d9f1716d4b16fc95d8b7c1c1eaa50110_NEIKI

    • Size

      345KB

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
