General

  • Target

    5daf9572c2a632329758888668015d80_NeikiAnalytics.exe

  • Size

    282KB

  • Sample

    240526-d9geesdf2w

  • MD5

    5daf9572c2a632329758888668015d80

  • SHA1

    706452dd65d03cb83e3f3a99efc06d9c995272d8

  • SHA256

    e73ea851a05c004157c6e41a3d6aa84ceefe4b82369ab9b79a385dccff33d78a

  • SHA512

    3f5d8da190a1bae56d7245e8745debe2a85e97cc6da8dd26cd23ab58582dd5e3d93d979bd2c608a2140d653352eac7abc246c23a1ee9d8827e90989087fc96c3

  • SSDEEP

    6144:ustaRDOzrIzIAUdL+SkEjiPISUOgW9X+hOGzC/:e8zXdVkmZzcukG2/

Targets

    • Target

      5daf9572c2a632329758888668015d80_NeikiAnalytics.exe

    • Score

      10/10

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2
