General

  • Target

    5b1ec19280c49b98ecab126e710c9020_NeikiAnalytics

  • Size

    239KB

  • Sample

    240515-3z5fyabb29

  • MD5

    5b1ec19280c49b98ecab126e710c9020

  • SHA1

    b6d94c39ce6d90c68c9c07bb75304ef4743efad9

  • SHA256

    a1a7535eda9c517751d8d1195d74160f6c85eb48069c13a783b708846197120a

  • SHA512

    c42d02ea865286698fc82a3b41716336bc691d2caeba8f0ca4948b6720937296469f32240bbd43cae47c8a721a3ae11bd47b275ae8314f2df493ae8a8c4ebb0b

  • SSDEEP

    3072:ydEUfKj8BYbDiC1ZTK7sxtLUIGT9kXH0hga4PjBy2XiXV/mwTwyg4K+mpPNHdUpj:yUSiZTK40V2a4PdyoeV/Hwz4zmpPNipj

Malware Config

Targets

    • Target

      5b1ec19280c49b98ecab126e710c9020_NeikiAnalytics

    • Size

      239KB

    • MD5

      5b1ec19280c49b98ecab126e710c9020

    • SHA1

      b6d94c39ce6d90c68c9c07bb75304ef4743efad9

    • SHA256

      a1a7535eda9c517751d8d1195d74160f6c85eb48069c13a783b708846197120a

    • SHA512

      c42d02ea865286698fc82a3b41716336bc691d2caeba8f0ca4948b6720937296469f32240bbd43cae47c8a721a3ae11bd47b275ae8314f2df493ae8a8c4ebb0b

    • SSDEEP

      3072:ydEUfKj8BYbDiC1ZTK7sxtLUIGT9kXH0hga4PjBy2XiXV/mwTwyg4K+mpPNHdUpj:yUSiZTK40V2a4PdyoeV/Hwz4zmpPNipj

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks