General

  • Target

    e9d3f07a6e6d8cc459fe917fe89b6a20_NEIKI

  • Size

    229KB

  • Sample

    240509-eqqdnahh4z

  • MD5

    e9d3f07a6e6d8cc459fe917fe89b6a20

  • SHA1

    3e778983045cba7c848f912a055cb1c81150d247

  • SHA256

    7e13771fca114f903f472c3e475912ef1e2c51fbf768f5abdf2733f58cc1106b

  • SHA512

    5b281d8472447dae5fc4f972af53fa017d3e308c883d490e7175d659f26d110e66ae362f0f4d504b7d5556f55541fac705255f3c680baa8eb010c24289c1b4ed

  • SSDEEP

    6144:vwxuTiRUyI271+HZ/pvkym/89bYEwPhCKvav:oATwUc7AIfFfvav

Targets

    • Target

      e9d3f07a6e6d8cc459fe917fe89b6a20_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
