General

  • Target

    e36868f3861403439f3e12b15b964270_NEIKI

  • Size

    357KB

  • Sample

    240509-eammtsgg7w

  • MD5

    e36868f3861403439f3e12b15b964270

  • SHA1

    ceb7c18c0203662283aafee88719ff1fc7027232

  • SHA256

    6f262038fc547f0fa84aac3c00863985cc332e538a442a4752155fcfb194b1a2

  • SHA512

    101a69a0f545f16c38a26f3633f9cbea6e8f96b51480eb0a64c1f379d36552ecc076ceb1a83c8b040085a651d4dc06e172b4d0f7be37195eb27e41b998ad03c0

  • SSDEEP

    6144:usftnUHAqPmwr1n6xJmPMwZoXpKtCe8AUReheFlfSZR0SvsuFrGoyeg3kl+fiXFf:usft8AqPtZoXpKtCe1eehil6ZR5ZrQe7

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
