General

  • Target

    eadbf55130e2a1fd307c493add431b80_NEIKI

  • Size

    416KB

  • Sample

    240509-essa2aaa5v

  • MD5

    eadbf55130e2a1fd307c493add431b80

  • SHA1

    bf4e617a6c279e1c0620184ef427f352fac5f246

  • SHA256

    dbef945e6845e1e42b33d573bc929f1126b3ab57c463013b4979ee9f526f0253

  • SHA512

    c6808f2e224cf056364f4e87c7571fa04956b29d97a56fc4d3a3c2ba6c8287dd8ca5a4d9dd69f495ea654362e7ba77984e7c0c1882f48357c61304f57c8af2dc

  • SSDEEP

    12288:cgIWyYJ07kE0KoFtw2gu9RxrBIUbPLwH96/I0lOZ0vbqFB:xyYJ07kE0KoFtw2gu9RxrBIUbPLwH96I

Targets

    • Target

      eadbf55130e2a1fd307c493add431b80_NEIKI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
