General

  • Target

    dc325e400c339d5626b196cde2a1c4a0_NEIKI

  • Size

    414KB

  • Sample

    240509-dtdnlaae37

  • MD5

    dc325e400c339d5626b196cde2a1c4a0

  • SHA1

    96351cd597675279fbf78ea19a2b4533d145f8d0

  • SHA256

    5ccf77e2340cfff9fa58fe79415634c7b9a232b543e40ae92e5f00ed52f1a5c1

  • SHA512

    875d98a8965426c030f9b1ffb5cf53b3df09e03da784f1fc3f0ea9684c26c5756d6d14cefea3e6ee77775508345a21ced3ac402f83d30a252b878284dd87a959

  • SSDEEP

    12288:jxtzQnNkQlzgedOGeKTaPkY660fIaDZkY660ffL:jzQNXgedOGeKTaPgsaDZgTL

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
