General

  • Target

    e9a673ba6892fedf0e9bafb6f90499b0_NEIKI

  • Size

    298KB

  • Sample

    240509-ep4vnacf79

  • MD5

    e9a673ba6892fedf0e9bafb6f90499b0

  • SHA1

    149195698344d5e277dbef81e50fee8de11eb9ac

  • SHA256

    7484346939f900fca5b882fb429e249d7c41988a8205092b2cb57515f43699e1

  • SHA512

    6b7a8e8885ac3073a1ba8d9316219301680ecd29f21a58eee45f457cb91bed0e8a6507f8160bb2ef2af0cc570239c49666b856f75677b6e4fbf9f060fb235cb3

  • SSDEEP

    6144:Ox53XFrt1bouvlfuGQXnTYaT15f7o+STYaT15fJJj+ke6abT:OanTYapJoTYapxake6e

Malware Config

Targets

    • Target

      e9a673ba6892fedf0e9bafb6f90499b0_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
