General

  • Target

    db782480d33b2d07e96de2f769ab1f80_NEIKI

  • Size

    176KB

  • Sample

    240509-drp9lsfe2t

  • MD5

    db782480d33b2d07e96de2f769ab1f80

  • SHA1

    6d70f469810eea91a20e3b23bfd737824d0b0817

  • SHA256

    df1bda6e01ae613ea788327efab06073573f32ba3fd66ff8611b6d158458922b

  • SHA512

    822395ddaecc3edd5f7a1f524378c5c17706f8ecf97f9ea780f5e4306124703e803e3cbd3dd7f477f8e7303d81d4eb9cb89573255f9af475902b5878ad36ddeb

  • SSDEEP

    3072:bSELc46CUrUjmOiBn3w8BdTj2h33ppaS46HUF2pMXSfN6RnQShl:e/48AjVu3w8BdTj2V3ppQ60MMCf0RnQ4

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan that can download and install additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks