General

  • Target

    476387d1afce746d61b92b11ee032890_NeikiAnalytics

  • Size

    414KB

  • Sample

    240509-qrtcgsbh7z

  • MD5

    476387d1afce746d61b92b11ee032890

  • SHA1

    f7309ba39fb902e0d4beae8da72882a65b837115

  • SHA256

    206c5d35e5577fdadde95f94389e79e95f4f1061c9c793f384cc18f13fd0ce56

  • SHA512

    52c2827b359ba458f2c78d93947e379c55fac6b7b515ff081081faf45193e9eb9f9968fc8d02a195a6b9ad4e8187c7cae55ffcb115866052c6abf1e17e75a11d

  • SSDEEP

    12288:h6+zsuKMedOGeKTaPkY660fIaDZkY660ffL:h6vMedOGeKTaPgsaDZgTL

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
