General

  • Target

    e6b4ef41736820dd82dd141a747abce0_NEIKI

  • Size

    391KB

  • Sample

    240509-ehs5kshd4x

  • MD5

    e6b4ef41736820dd82dd141a747abce0

  • SHA1

    9de5dfe1e912e05acfab6249775f9e1b3379fe66

  • SHA256

    6adb23343b1ea114f98ccd55c18dcfbca680e46f4d2b384e8ffea7c785b9d26f

  • SHA512

    8af1adcbd70cdeafca48aba6884a529a89e21efcd1eb381feedd3df79ae0bbfb2d27396cfbc043d109616989b501becd7ad14c5743678f720d9279bd253293b2

  • SSDEEP

    12288:jOqwiT9XvEhdfJkKSkU3kHyuaRB5t6k0IJogZ+SZE:Wu9XvEhdfJkKSkU3kHyuaRB5t6k0IJon

Malware Config

Targets

    • Target

      e6b4ef41736820dd82dd141a747abce0_NEIKI

    • Size

      391KB

    • MD5

      e6b4ef41736820dd82dd141a747abce0

    • SHA1

      9de5dfe1e912e05acfab6249775f9e1b3379fe66

    • SHA256

      6adb23343b1ea114f98ccd55c18dcfbca680e46f4d2b384e8ffea7c785b9d26f

    • SHA512

      8af1adcbd70cdeafca48aba6884a529a89e21efcd1eb381feedd3df79ae0bbfb2d27396cfbc043d109616989b501becd7ad14c5743678f720d9279bd253293b2

    • SSDEEP

      12288:jOqwiT9XvEhdfJkKSkU3kHyuaRB5t6k0IJogZ+SZE:Wu9XvEhdfJkKSkU3kHyuaRB5t6k0IJon

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks