General

  • Target

    eea0515d52ebc7ea40fa334aeb47a840_NEIKI

  • Size

    305KB

  • Sample

    240509-e133hadd39

  • MD5

    eea0515d52ebc7ea40fa334aeb47a840

  • SHA1

    c5647eaa4738da087e4d1af27e3da3a63c88c30e

  • SHA256

    77c5fcf35eb6ed3285a3978296c30baf31f4ab7e0e800c0abc491b843b160e5b

  • SHA512

    080c26675af531af80a920b9f6a5192f2bfd397996424c9f4319f05111cb04a47835539700b6625c0eb0089380631a669b8c666ae340c6638f03e0440fe3d818

  • SSDEEP

    6144:jsR3uim1w1quaNxunXe8yhrtMsQBvli+RQFdq:jsR3uXpvAO8qRMsrOQF

Malware Config

Targets

    • Target

      eea0515d52ebc7ea40fa334aeb47a840_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks