General

  • Target

    e90846ab77eff9363294e7d392dbd1a0_NEIKI

  • Size

    229KB

  • Sample

    240509-ense8scf23

  • MD5

    e90846ab77eff9363294e7d392dbd1a0

  • SHA1

    99014c844d21a87a12fc9185af26bd1fe9f7721e

  • SHA256

    3eac4cd77e54e0161653178816aa6b357c1984da875b940046876859f5aa35c4

  • SHA512

    27cd3f55b3cf178535aa6bd1ddf20ac65043acdd095a01ad4de448e08172aeb7a02467f44a9400dca9e21c382ad6bf98fe5690413d0cbb40f0993ffa776cd3ce

  • SSDEEP

    6144:IxG0evT6s7PUb271+HZ/pvkym/89bYEwPhCKvav:IxhevT6aV7AIfFfvav

Targets

    • Target

      e90846ab77eff9363294e7d392dbd1a0_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
