General

  • Target

    e53e4a5e5b0d3205bcaa62bbf42ae3c0_NEIKI

  • Size

    445KB

  • Sample

    240509-eevh8shb4w

  • MD5

    e53e4a5e5b0d3205bcaa62bbf42ae3c0

  • SHA1

    2b5b7be039e4435c8a1ab37cb06e8752d4bf107e

  • SHA256

    73195ef87219a545d43137ff3fc996e2ef0b6ad73ee3d850d4d2adc30a55f20b

  • SHA512

    ba4c7ae9e1b81273240e82265f118037e78c182199a3e89e9a1d97881da3269a2eb702896d4d9590b2542f5501c60dd3cf3b3f9cc05ab93363a571b521d09295

  • SSDEEP

    12288:6fACkA9pV6yYPMLnfBJKFbhDwBpV6yYP0riuoCgNbbko8JfSIuMUb1V4D0:6x9WMLnfBJKhVwBW0riuoCgNbbj8JfSr

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks