General

  • Target

    da9040d68ce072cbd91ea0775e1c7940_NEIKI

  • Size

    367KB

  • Sample

    240509-dphrraab84

  • MD5

    da9040d68ce072cbd91ea0775e1c7940

  • SHA1

    4d630515c2c21a46a4d4eaed21602704b6554dde

  • SHA256

    faa31f2b14a0e1f1a8ae2ac2648c121165e6f95c5f0d2481c0207659b0a9684d

  • SHA512

    601471f4e6078e3ebdad86c3686692b89926f45ccffe0ca264ee30a5a5ce6cc4e8282e964bf6b752017a267d788d6297c8f83ac5269879212b08ebf638096331

  • SSDEEP

    6144:wburFeptnJfKXqPTX7D7FM6234lKm3mo8Yvi4KsLTFM6234lKm3cM9:wOetJCXqP77D7FB24lwR45FB24lqM

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan that can download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
