General

  • Target

    ea1473019e8e915a7f5611608cda8ac0_NEIKI

  • Size

    141KB

  • Sample

    240509-era1cscg54

  • MD5

    ea1473019e8e915a7f5611608cda8ac0

  • SHA1

    acf88fc5e365b92a0350ea2803775f751e32c7e0

  • SHA256

    a5a62cd80048f1fe55b279af6d4e87dc7e67b4976c301e89034bece38e6634ed

  • SHA512

    2e770d1cd8de063275dd30b8a6787548b84d39332fc38ba9d5614308db06365c33d8ce9de076e5923433a7a2a35afbc36baa3ad2d2da72b438604163df147569

  • SSDEEP

    3072:WrpUpTyftENeby0Lv8Vry/Pe5N0fB7Iu3F4wQ9bGCmBJFWpoPSkGFj/p7sW0l:W1UTyvy0Lv8VW/m5N0H3F4N9bGCKJFt7

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks