General

  • Target

    b0f1952151419923def544902b9374b0_NeikiAnalytics

  • Size

    664KB

  • Sample

    240509-wd521shf78

  • MD5

    b0f1952151419923def544902b9374b0

  • SHA1

    3ba99ca66ca9b7e8bda3f331724b7eb789e61099

  • SHA256

    6c61d5279ed6b11fc9a2b36fdd880af9721900a81634d3f9c4268046588c11cb

  • SHA512

    e667942214951c44dc7caefbbec9f23288444756cc54fd836e98e03ad2ea0aeb004550e54c881886d5fd0273119c7c2ea280827a26baa5bb12cc24a2b03dce06

  • SSDEEP

    12288:YptfmM0pV6yYP4rbpV6yYPg058KpV6yYPNUir2MhNl6zX3w9As/xO23WM6tJmDYx:EtfiW4XWleKWNUir2MhNl6zX3w9As/xi

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
