General

  • Target

    e8436fe0bc785c2adfdbb90ee01bf940_NEIKI

  • Size

    227KB

  • Sample

    240509-elxxyacd92

  • MD5

    e8436fe0bc785c2adfdbb90ee01bf940

  • SHA1

    2dc8f51e8096884e2d4281b5d19115b84fce5e0b

  • SHA256

    5159741fa3b30d530c42d194ca0f41feea31d70ce8f3a5622722301bd0022d6b

  • SHA512

    eb2ffafe679164af262ab2a6785847d412cd5aa16f13ffcdc6c52c8201b5c72c86fab2bd6e22a746597c4eda4e38f1ec9e48219fc834b538f89f4c2180c3022d

  • SSDEEP

    3072:D/K6XsJFGcHeydpwoTRBmDRGGurhUXvBj2QE2HegPelTeIdI7jFHu:DCqs/Gc+jm7U5j2QE2+g24Id2jFHu

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan that can download and install further malware on the host, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
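
The signatures above describe what the sample does on a host. The PowerShell below is added here as a triage aid; it is not part of the sandbox report and not Berbew code. It confirms a local file against the report's SHA256, lists the ShellServiceObjectDelayLoad and Winlogon Shell/Userinit entries that explorer.exe loads at logon (the report does not say which key the sample writes, so the standard Explorer-loaded locations are checked), and lists EXE/DLL files recently written to System32 together with their Authenticode status, which covers the "drops file", "executes dropped EXE" and "loads dropped DLL" signatures from the file-system side. The sample path, the lookback window and the WebCheck baseline entry are assumptions to adjust per host.

```powershell
<#
 Added triage script (not from the sandbox report, not Berbew tooling).
 Checks a Windows host for the indicators the report's signatures describe:
   1. whether a local file is the reported sample (SHA256 taken from the report),
   2. autorun locations that explorer.exe loads at logon (the report does not name
      the exact key; ShellServiceObjectDelayLoad and the Winlogon Shell/Userinit
      values are the standard ones, so those are checked),
   3. EXE/DLL files recently written to System32 ("Drops file in System32 directory").
 Assumptions: $SamplePath, $LookbackMinutes and the $KnownSsodl baseline.
#>
param(
    [string]$SamplePath = "C:\Triage\e8436fe0bc785c2adfdbb90ee01bf940_NEIKI",
    [int]$LookbackMinutes = 60
)

$ReportSha256 = "5159741fa3b30d530c42d194ca0f41feea31d70ce8f3a5622722301bd0022d6b"

# --- 1. Identify the sample by its SHA256 ------------------------------------
if (Test-Path -LiteralPath $SamplePath) {
    $local = (Get-FileHash -LiteralPath $SamplePath -Algorithm SHA256).Hash.ToLower()
    if ($local -eq $ReportSha256) {
        "[match   ] $SamplePath is the reported sample"
    } else {
        "[mismatch] $SamplePath SHA256 $local is not the reported sample"
    }
} else {
    "[info    ] $SamplePath not present; skipping hash check"
}

# --- 2. Autorun keys loaded by explorer.exe ----------------------------------
# ShellServiceObjectDelayLoad maps a value name to a CLSID; Explorer instantiates
# each CLSID's InProcServer32 DLL at logon, so a planted entry runs inside explorer.exe.
$SsodlKeys = @(
    "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad",
    "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
)
# Assumption: WebCheck is the only entry on a stock install; replace with your own baseline.
$KnownSsodl = @("WebCheck")

foreach ($key in $SsodlKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    $names = $props.PSObject.Properties |
        Where-Object { $_.Name -notlike "PS*" } |
        Select-Object -ExpandProperty Name
    foreach ($name in $names) {
        $clsid  = $props.$name
        $server = (Get-ItemProperty -Path "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InProcServer32" `
                   -ErrorAction SilentlyContinue).'(default)'
        $tag = if ($KnownSsodl -contains $name) { "known" } else { "REVIEW" }
        "[{0,-8}] {1} = {2} -> {3}" -f $tag, $name, $clsid, $server
    }
}

# Winlogon Shell / Userinit: anything beyond the defaults starts with the session.
$wl = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
if ($wl.Shell -ne "explorer.exe") { "[REVIEW  ] Winlogon Shell = $($wl.Shell)" }
$defaultUserinit = "$env:SystemRoot\system32\userinit.exe,"
if ($wl.Userinit -ne $defaultUserinit) { "[REVIEW  ] Winlogon Userinit = $($wl.Userinit)" }

# --- 3. Files dropped into System32 recently ---------------------------------
$cutoff = (Get-Date).AddMinutes(-$LookbackMinutes)
Get-ChildItem -Path "$env:SystemRoot\System32" -File -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt $cutoff -and @(".exe", ".dll") -contains $_.Extension.ToLower() } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        [pscustomobject]@{
            File      = $_.Name
            Written   = $_.LastWriteTime
            Signature = $sig.Status   # NotSigned or HashMismatch deserves a closer look
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash.ToLower()
        }
    } |
    Sort-Object Written -Descending |
    Format-Table -AutoSize
```

Run it from an elevated 64-bit PowerShell on the suspect host with `-LookbackMinutes` set to cover the time since the suspected execution. A `REVIEW` line is a lead, not a verdict: resolve the CLSID's DLL path and hash it before deciding, and compare any unsigned System32 file against the report's hashes above.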

MITRE ATT&CK Enterprise v15

Tasks