General

  • Target

    e8f768cc6a97b84ef69dc91e5b533d20_NEIKI

  • Size

    161KB

  • Sample

    240509-enqlmshg6t

  • MD5

    e8f768cc6a97b84ef69dc91e5b533d20

  • SHA1

    cf3d0515b757a78783618b79c113b3ea06664735

  • SHA256

    e5650e03c980aeb6cd15d6f3bfedb316f41b5ed86dbf03be29b150f97b8cd902

  • SHA512

    26b73d7c82f20c5eb1e9f91b667936485d3d4e6bebe1263fc0d0230ad42589fa35403370de5bae8547e697a2d1b10423a5deb6fcb78f279042ea4a085f481987

  • SSDEEP

    3072:6gWXMkn18tROv2CQXkDwmoNSpk/VwtCJXeex7rrIRZK8K8/kv:6Hck18tRiQXww8pk/VwtmeetrIyR

Targets

    • Target

      e8f768cc6a97b84ef69dc91e5b533d20_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
