General

  • Target

    410bf4628d0063a4d82896cad9d675d0_NeikiAnalytics

  • Size

    332KB

  • Sample

    240509-qgnz1sbc7x

  • MD5

    410bf4628d0063a4d82896cad9d675d0

  • SHA1

    0db2876e3e431e4a44222685bba2df589e713bdf

  • SHA256

    054536da4d9f8798f4d4676ae537224ef37c173343f7f9d45aedec3087c6189e

  • SHA512

    83f9d82fdec9ba7bcd2b7631c8d070e4fc8260f53ea8eb59ad7dd154b67edab671eebc8d403f085bc75842b66253ce2ab093f667a489558896f1f4ff65c22626

  • SSDEEP

    6144:z9TiKLwaNwMDZOQhr1R6xie8opqXgKTpgtYOWlGmMvkqAlDiyUvpQf4vt74mD50Y:BThwaNwOD1RFpogXnV4MlGN1AlDkvXvR

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
