General

  • Target

    e835849343996eea2a73b74946e92c70_NEIKI

  • Size

    416KB

  • Sample

    240509-elndhacd82

  • MD5

    e835849343996eea2a73b74946e92c70

  • SHA1

    ad969de73e46a51704f7f35544975fd31dcddf15

  • SHA256

    4e8d9e67052435c4123b7bbee0af11ad005a823cde48f76186965024d5ab8ccc

  • SHA512

    4f94bae3c09d2feba4f8bc563095efa64c6fc899b7211ea090aa75f26e94e36c7b27dbb2f9354215d5077cf1645aea880504d74df792b9fccbbf18e401ebce17

  • SSDEEP

    12288:poqFTQPYJ07kE0KoFtw2gu9RxrBIUbPLwH96/I0lOZ0vbqFB:6yTQPYJ07kE0KoFtw2gu9RxrBIUbPLwB

Targets

    • Target

      e835849343996eea2a73b74946e92c70_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
