General

  • Target

    dbfe999e777b82f45e79efa372cc4b50_NEIKI

  • Size

    391KB

  • Sample

    240509-dstnesad86

  • MD5

    dbfe999e777b82f45e79efa372cc4b50

  • SHA1

    c65ab864485f959e7c6babb721f21c240b9bd900

  • SHA256

    8341f7d9cac3cbfedb9f2d6736e31ce01e161405fcd99d73ecce4df52f1be7ca

  • SHA512

    3b8ae8b2ebdb8ab16606a6b073d43d9d6f584e0f01f92386334a7f5970a032c0d6f07fb5677c9ca8b957e4d8a68aefe11af67a2e541d4506dfc577ab708e71c9

  • SSDEEP

    12288:ru0IBzT9XvEhdfJkKSkU3kHyuaRB5t6k0IJogZ+SZE:yB39XvEhdfJkKSkU3kHyuaRB5t6k0IJm

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
