General

  • Target

    72d79975b611e7867c7e5a4d8d0fd480_NeikiAnalytics

  • Size

    113KB

  • Sample

    240509-svcj9abg73

  • MD5

    72d79975b611e7867c7e5a4d8d0fd480

  • SHA1

    0f6eecc71fae442f059ae41de9117aec03c8a175

  • SHA256

    b763ee13aea9cc98466f1b469015324dd13a46e5361c04a804332259c2a679ff

  • SHA512

    b29dfabd5b0785fdbfd7aa1ecb0f8f515b4ecfdb9a0303586c94778899a32c51558bf0a52c78b29ec8fa4109905248b354589ce9dd68ed2b7672738d475bbb2a

  • SSDEEP

    3072:+7WLGvhfxM9m2JoRugCe8uvQa7gRj9/S2Kn:+gKU99oRISMRNF

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
