General

  • Target

    dbf475ac836004e076e06de0e76c7a40_NEIKI

  • Size

    459KB

  • Sample

    240509-dsngeafe7x

  • MD5

    dbf475ac836004e076e06de0e76c7a40

  • SHA1

    c289dbc957f0520466d907862213eb5c610bf3a6

  • SHA256

    d0aeda01ebeb7f233bf4fb5557efdc9c0dbee27dae8e0bc7eff1e3eeb0f5a1d1

  • SHA512

    743253ffa131c09afaedeebdfc99a02b6aa59fd78b6d1506bc6ce678cd6c12110821a859f4a072b554c97ab0bc073b2d3eebb0e59f7e029da373601f4e095dbc

  • SSDEEP

    12288:wwIaJwIKfDy/phgeczlqczZd7LFB3oFHoGnFjVZnykJGvpHGdt:wwLJwFfDy/phgeczlqczZd7LFB3oFHo6
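
The hashes above are the indicators a responder actually uses; the following Python helper is an added example, not part of the sandbox report, that computes the same four digests for a candidate file in one pass and compares them with the report's values. The report gives only a rounded size, so the 459 KB check is a loose pre-filter and the 1024-byte kilobyte is an assumption. SSDEEP comparison is left out because it needs the non-standard `ssdeep` module; the `__main__` block and the file paths it takes are illustrative only.

```python
import hashlib
from pathlib import Path
from typing import Iterable

# Digests published in the report above for dbf475ac836004e076e06de0e76c7a40_NEIKI.
REPORT_IOCS = {
    "md5": "dbf475ac836004e076e06de0e76c7a40",
    "sha1": "c289dbc957f0520466d907862213eb5c610bf3a6",
    "sha256": "d0aeda01ebeb7f233bf4fb5557efdc9c0dbee27dae8e0bc7eff1e3eeb0f5a1d1",
    "sha512": (
        "743253ffa131c09afaedeebdfc99a02b6aa59fd78b6d1506bc6ce678cd6c1211"
        "0821a859f4a072b554c97ab0bc073b2d3eebb0e59f7e029da373601f4e095dbc"
    ),
}
REPORT_SIZE_KB = 459  # rounded value from the report; a 1024-byte KB is assumed here
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_chunks(chunks: Iterable[bytes]) -> dict[str, str]:
    """Feed every chunk to all four digests so the input is read only once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict[str, str]:
    return hash_chunks([data])


def hash_file(path: Path, chunk_size: int = 1 << 20) -> dict[str, str]:
    """Stream the file so a large sample is never held in memory at once."""
    with open(path, "rb") as fh:
        return hash_chunks(iter(lambda: fh.read(chunk_size), b""))


def match_iocs(digests: dict[str, str], iocs: dict[str, str] = REPORT_IOCS) -> dict[str, bool]:
    """Per-algorithm comparison; hex digests are compared case-insensitively."""
    return {name: digests[name].lower() == iocs[name].lower() for name in ALGORITHMS}


def verdict(digests: dict[str, str], iocs: dict[str, str] = REPORT_IOCS) -> str:
    """'match' when all four digests agree with the report, 'no match' when none does.

    'partial' means the digests disagree with one another. That is either a
    transcription error in the IOC list or a match on a weak digest only (MD5 or
    SHA-1), which could be a deliberately engineered collision; investigate it
    rather than treating it as a hit or a miss.
    """
    hits = match_iocs(digests, iocs)
    if all(hits.values()):
        return "match"
    if not any(hits.values()):
        return "no match"
    return "partial"


def size_matches(n_bytes: int, expected_kb: int = REPORT_SIZE_KB) -> bool:
    """Cheap pre-filter before hashing; 1 KB of slack covers the report's rounding."""
    return abs(n_bytes / 1024 - expected_kb) <= 1


if __name__ == "__main__":
    import sys

    # Illustrative CLI: python check_ioc.py <file> [<file> ...]
    for arg in sys.argv[1:]:
        p = Path(arg)
        size_note = "size-ok" if size_matches(p.stat().st_size) else "size-mismatch"
        print(p, verdict(hash_file(p)), size_note)
```

Because `verdict` reports disagreement between algorithms as its own state, a responder sees immediately when a hash list was copied wrongly or when only the MD5 matched, instead of a silent false negative or a misleading hit.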

Targets

    • Target

      dbf475ac836004e076e06de0e76c7a40_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor trojan that, once installed, can download and install further malicious software on the host, such as other trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
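
The four behavioural signatures above are what an endpoint hunt should look for. The following Python script is an added example, not part of the report, that replays Sysmon-style events (field names follow Sysmon event IDs 1, 7, 11 and 13) and maps them onto those signatures: files written by a non-servicing process are remembered as "dropped", a later process start or image load of a dropped path fires the execute/load signatures, a write under System32 fires the drop signature, and a registry value set under one of the Explorer-read autostart locations fires the autorun signature. The key list, the servicing-process allow-list and the events themselves are constructed assumptions; the report does not say which key or file names this sample uses.

```python
import re

# Registry locations read by Explorer.exe / Winlogon at logon. This list is an
# assumption for the hunt; the report states only that an Explorer autorun key is added.
EXPLORER_AUTORUN_KEYS = (
    r"\Microsoft\Windows\CurrentVersion\Run",
    r"\Microsoft\Windows\CurrentVersion\RunOnce",
    r"\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad",
    r"\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks",
    r"\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects",
    r"\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell",
    r"\Microsoft\Windows NT\CurrentVersion\Windows\Load",
)
# A key matches only as a whole path component, so "...\Explorer\RunMRU" or
# "...\CurrentVersion\Runtime" must not trip the "\Run" entry.
_AUTORUN_RE = re.compile(
    "|".join(re.escape(k) + r"(?:\\|$)" for k in EXPLORER_AUTORUN_KEYS), re.IGNORECASE
)
SYSTEM32 = "c:\\windows\\system32\\"
# OS servicing processes whose System32 writes are ignored (assumed allow-list).
SERVICING_IMAGES = {"trustedinstaller.exe", "tiworker.exe"}

# Signature names exactly as the report lists them.
SIG_AUTORUN = "Adds autorun key to be loaded by Explorer.exe on startup"
SIG_EXEC = "Executes dropped EXE"
SIG_LOAD = "Loads dropped DLL"
SIG_DROP32 = "Drops file in System32 directory"

# Constructed Sysmon-style events in arrival order (none are taken from the report).
# EventID 11 = FileCreate, 13 = RegistryEvent (value set), 1 = ProcessCreate, 7 = ImageLoad.
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Users\victim\Downloads\sample.exe",
     "TargetFilename": r"C:\Windows\System32\dropped_svc.exe"},
    {"EventID": 11, "Image": r"C:\Users\victim\Downloads\sample.exe",
     "TargetFilename": r"C:\Windows\System32\dropped_helper.dll"},
    {"EventID": 13, "Image": r"C:\Users\victim\Downloads\sample.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\Constructed",
     "Details": "{00000000-0000-0000-0000-000000000000}"},
    {"EventID": 1, "Image": r"C:\Windows\System32\dropped_svc.exe",
     "ParentImage": r"C:\Users\victim\Downloads\sample.exe"},
    {"EventID": 7, "Image": r"C:\Windows\System32\dropped_svc.exe",
     "ImageLoaded": r"C:\Windows\System32\dropped_helper.dll"},
    # Benign noise that must not fire: Explorer's own MRU write and a servicing write.
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a",
     "Details": "notepad\\1"},
    {"EventID": 11, "Image": r"C:\Windows\servicing\TrustedInstaller.exe",
     "TargetFilename": r"C:\Windows\System32\drivers\etc\hosts"},
]


def is_explorer_autorun_key(target_object: str) -> bool:
    """True when a registry path lies under one of the Explorer-loaded autostart keys."""
    return _AUTORUN_RE.search(target_object) is not None


def correlate(events: list[dict]) -> dict[str, list[str]]:
    """Replay events in order and return {signature: [supporting detail, ...]}."""
    dropped: set[str] = set()  # lower-cased paths written by a non-servicing process
    findings: dict[str, list[str]] = {}

    def hit(sig: str, detail: str) -> None:
        findings.setdefault(sig, []).append(detail)

    for ev in events:
        eid = ev["EventID"]
        image = ev.get("Image", "")
        if eid == 11:
            if image.lower().rsplit("\\", 1)[-1] in SERVICING_IMAGES:
                continue
            target = ev["TargetFilename"]
            dropped.add(target.lower())
            if target.lower().startswith(SYSTEM32):
                hit(SIG_DROP32, target)
        elif eid == 13 and is_explorer_autorun_key(ev["TargetObject"]):
            hit(SIG_AUTORUN, f"{ev['TargetObject']} = {ev.get('Details', '')}")
        elif eid == 1 and image.lower() in dropped:
            hit(SIG_EXEC, image)
        elif eid == 7 and ev["ImageLoaded"].lower() in dropped:
            hit(SIG_LOAD, ev["ImageLoaded"])
    return findings


if __name__ == "__main__":
    for sig, details in correlate(SAMPLE_EVENTS).items():
        print(sig)
        for d in details:
            print("   ", d)
```

The ordering matters: "Executes dropped EXE" and "Loads dropped DLL" only fire for paths that an earlier FileCreate event put into `dropped`, so the script reproduces the sandbox's dropper-then-execute chain rather than flagging every process start under System32. To run it on a real host, feed it a JSON export of the Sysmon operational log with the same field names.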
