General

  • Target

    4d35e206bf29454755b9687546f842e0_NeikiAnalytics

  • Size

    300KB

  • Sample

    240509-q3l3jsfe52

  • MD5

    4d35e206bf29454755b9687546f842e0

  • SHA1

    ab6a7a83fa504089cf0cc76ba8623170f9186118

  • SHA256

    c25230dd5ab3d8f2b6d664e0cb86ca9e4717e78af5fe4bf504100bcd7f417782

  • SHA512

    1f208b70d0bf48aca4e5cf673857ae0afd97b27b2a7bd8db919a8d985c307a76a69d0aa3a10ad045d8299214be4b7621b5507682154c9299d69539d3b7565d60

  • SSDEEP

    6144:TKhloc4tqufhcmoZjwszeXmr8SeNpgdyuH1l+/Wd:TKhlocyymCjb87g4/c

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
