General

  • Target

    377f1c09861b12256830ad66a93d5a5b8db040a6f44d163daab41518d8e09c5e_NeikiAnalytics

  • Size

    640KB

  • Sample

    240521-mndwvaad24

  • MD5

    2cde8419aa31faa670eecc2639c34c50

  • SHA1

    1774548ed469b7ea1a6991998167c3e0f6e79350

  • SHA256

    377f1c09861b12256830ad66a93d5a5b8db040a6f44d163daab41518d8e09c5e

  • SHA512

    cf329a196fe8c0ec5c3d4cef688f6ff93cd1866301aa7777ec63f69b5245e7db6af0ca144f4b9c3a51f262e69a5d0ec1734342f3a28b6b70321b37b32f8ca5fe

  • SSDEEP

    12288:4dXHaINIVIIVy2oIvPKiK13fS2hEYM9RIPk:4dXHfNIVIIVy2jU13fS2hEYM9RIPk

Malware Config

Targets

    • Target

      377f1c09861b12256830ad66a93d5a5b8db040a6f44d163daab41518d8e09c5e_NeikiAnalytics

    • Size

      640KB

    • MD5

      2cde8419aa31faa670eecc2639c34c50

    • SHA1

      1774548ed469b7ea1a6991998167c3e0f6e79350

    • SHA256

      377f1c09861b12256830ad66a93d5a5b8db040a6f44d163daab41518d8e09c5e

    • SHA512

      cf329a196fe8c0ec5c3d4cef688f6ff93cd1866301aa7777ec63f69b5245e7db6af0ca144f4b9c3a51f262e69a5d0ec1734342f3a28b6b70321b37b32f8ca5fe

    • SSDEEP

      12288:4dXHaINIVIIVy2oIvPKiK13fS2hEYM9RIPk:4dXHfNIVIIVy2jU13fS2hEYM9RIPk

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks