General

  • Target

    e561884e31c36ef93333451976dc0e70_NEIKI

  • Size

    113KB

  • Sample

    240509-ee4rxaca56

  • MD5

    e561884e31c36ef93333451976dc0e70

  • SHA1

    9bdf8da09ddbf9869e952ca8eb390e8db9bbdb2e

  • SHA256

    4e86965fe958819b52723e2c4609e4c6f9165efc477abdccda640e6694845bf4

  • SHA512

    ba72aabbd037c3fe04bac1c7ffa5b9917e0efb739253b73f5af224da512e1fb9b3b18619acec32028eb44cd6147f0740bef651c507c817df62d082a0dc4473f7

  • SSDEEP

    3072:4OzYXHM/S6dPOuGkZFfFSebHWrH8wTW0:NEXHM/T27otSeWrP

Malware Config

Targets

    • Target

      e561884e31c36ef93333451976dc0e70_NEIKI

    • Size

      113KB

    • MD5

      e561884e31c36ef93333451976dc0e70

    • SHA1

      9bdf8da09ddbf9869e952ca8eb390e8db9bbdb2e

    • SHA256

      4e86965fe958819b52723e2c4609e4c6f9165efc477abdccda640e6694845bf4

    • SHA512

      ba72aabbd037c3fe04bac1c7ffa5b9917e0efb739253b73f5af224da512e1fb9b3b18619acec32028eb44cd6147f0740bef651c507c817df62d082a0dc4473f7

    • SSDEEP

      3072:4OzYXHM/S6dPOuGkZFfFSebHWrH8wTW0:NEXHM/T27otSeWrP

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks