General

  • Target

    ea3c871ecb0be42ce7a65107fd32bea0_NEIKI

  • Size

    240KB

  • Sample

    240509-erkvkacg65

  • MD5

    ea3c871ecb0be42ce7a65107fd32bea0

  • SHA1

    d2130bdec24176afddba2903bde77bc494020dde

  • SHA256

    6292003a26db07fa68ea97ddd3c8072847453bf9603e23b8276bed6972e896d2

  • SHA512

    5f50ee7538dd43a92902d74d63a8627e83d668cf74c096719ff6b9933c8f6fb3a659ecc05d3f5806c4f8d1348eccdd37d55bc64529e208db6aeb3bcd5c0e4671

  • SSDEEP

    6144:e1hxH+Cbgwo+EcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:uxHjc+tycSly8DSUA1YHVD

Targets

    • Target

      ea3c871ecb0be42ce7a65107fd32bea0_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
