General

  • Target

    e5fece8aecf136a5fb44c9590f4aea20_NEIKI

  • Size

    374KB

  • Sample

    240509-egdnhacb25

  • MD5

    e5fece8aecf136a5fb44c9590f4aea20

  • SHA1

    ac4e754909e61022d0f2b08bfe1c79ff458bb4cc

  • SHA256

    7afe24b17774a2e06856b3f54420debcd4c232562e4de46ab2d2f9f235b530a3

  • SHA512

    d9dfbb617b31a78034c1e446e4c6054edc4d97629521deff57f3862dd70991a9495a11716fe5e34277c3674e372ee3ebbd210a32fba0cfdda66b52ad54fd22c6

  • SSDEEP

    6144:i6dx3+Eu6QnFw5+0pU8oStTf3runG/qoxfIkeI1SHkF63lngMBdkw8ZF+Y:i6DE6uidyzwr6AxfLeI1Su63lgMBdIZd

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks