Behavioral task: behavioral1
Sample: 9170d78f60cac0e2e84f1fad0195b230_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 9170d78f60cac0e2e84f1fad0195b230_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 9170d78f60cac0e2e84f1fad0195b230_NeikiAnalytics
Size: 448KB
MD5: 9170d78f60cac0e2e84f1fad0195b230
SHA1: 67c017f2a53c6beaf5df7c7fa5c68de8084e90db
SHA256: e7e9a32aa650e0bad30beffe3597ec39351ccbbbaf3f0833121499213c0ddec7
SHA512: bb7a2c8bdd4ef8dc36bb26db895aeb4fd6dfae5fc901e88d8492ab1dd50d58a5cac8319f4488511cbd1658be1ad1f32de566b24575ceca5545f7992e023a6153
SSDEEP: 6144:TlZtbLWIgd1LZ9oECZbxTktVINoJErkEjiPISUOgW9X+hOGzC/NM:RLWI09QZbQVmoJAkmZzcukG2/
Malware Config
Signatures
Berbew family
Malware Dropper & Backdoor - Berbew (1 IoCs)
Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
resource yara_rule sample family_berbew
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 9170d78f60cac0e2e84f1fad0195b230_NeikiAnalytics
Files
9170d78f60cac0e2e84f1fad0195b230_NeikiAnalytics.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 144KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ