General

  • Target

    dbaba499ed468df8d134918449c8ca40_NEIKI

  • Size

    1000KB

  • Sample

    240509-dr286sad38

  • MD5

    dbaba499ed468df8d134918449c8ca40

  • SHA1

    422740c28977b4ed87fca71e8696a679ca010b2d

  • SHA256

    426e047cbbac0ff203852c2b4d4cfd5246b1a3a54fc07f4ee6111f671f134ada

  • SHA512

    dcbcd90ab9ea187fb4e5d2e488bb2501502ca53eab8656075000638a41413486cabb16dc86ed5ae1f4fa3b0a77c529cc33af287ac1e267aaf9881814d3c3d1b8

  • SSDEEP

    24576:yJvIUttHBFLPj3btStuv40arYciakobDlsa2VIGqPWYvyAN58WJm8MoC9Dq9o7:yJvjtHBFLPj3JStuv40ar7iarbDlsa2D

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
