General

  • Target

    58fbb8319e8aba095fec645be9510d10_NeikiAnalytics.exe

  • Size

    109KB

  • Sample

    240526-dnj87acg3s

  • MD5

    58fbb8319e8aba095fec645be9510d10

  • SHA1

    340d933630945545fabd71747c9df29f3993c7d4

  • SHA256

    437b1e3710d4208483ec0d005f9bc6c09a7ba74e0b23a9eac68c40f785e4889c

  • SHA512

    52d800426040c33240ed4de04b6a0c726c7661311c2ad140c620cb569b355d68904a77198f504c2b06bd12846452cc03c7b8e4a6b6fa965ee658d7f73eafb065

  • SSDEEP

    3072:JaVqVUj0Kv/vTdxyxc4J9/LCqwzBu1DjHLMVDqqkSp:JaVJjdHPyhJ9zwtu1DjrFqh

Malware Config

Targets

    • Target

      58fbb8319e8aba095fec645be9510d10_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

The number after each technique is the count of report signatures mapped to it. The same autostart behaviour is listed under both Persistence and Privilege Escalation because ATT&CK places T1547 in both tactics.

Persistence

  • Boot or Logon Autostart Execution (T1547): 1
  • Registry Run Keys / Startup Folder (T1547.001): 1

Privilege Escalation

  • Boot or Logon Autostart Execution (T1547): 1
  • Registry Run Keys / Startup Folder (T1547.001): 1

Defense Evasion

  • Modify Registry (T1112): 1
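The signatures above (autorun key read by Explorer.exe, dropped EXE/DLL, file written to System32) and the T1547.001 / T1112 mapping translate into a short host check. The script below is an added example for this page; it is not part of the sandbox report and not the sample's own code. The hashes are copied from the report. The list of autostart registry keys is an assumption: the report's signature does not say which key the sample writes, so the script covers the usual Explorer and logon autostart locations. The 24-hour "recently written" window is also an assumed threshold.

```powershell
# Added host-triage script; not part of the sandbox report and not Berbew's code.
# Hashes come from the report above. The registry keys are the usual Explorer/logon
# autostart locations (T1547.001) and are an assumption: the report's signature does
# not name the key the sample writes. The 24h window is an assumed threshold.

$IocHashes = @{
    MD5    = '58fbb8319e8aba095fec645be9510d10'
    SHA1   = '340d933630945545fabd71747c9df29f3993c7d4'
    SHA256 = '437b1e3710d4208483ec0d005f9bc6c09a7ba74e0b23a9eac68c40f785e4889c'
}

$AutorunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad',
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
)

# Files written inside this window count as "recently dropped" (assumed window: 24 hours).
$Cutoff = (Get-Date).AddHours(-24)

function Test-IocHash {
    # Returns the algorithm name when the file's hash equals one of the report's hashes, else $null.
    param([Parameter(Mandatory)][string]$Path)
    foreach ($alg in $IocHashes.Keys) {
        $hash = (Get-FileHash -LiteralPath $Path -Algorithm $alg -ErrorAction Stop).Hash.ToLowerInvariant()
        if ($hash -eq $IocHashes[$alg]) { return $alg }
    }
    return $null
}

function Resolve-AutorunImage {
    # Extracts the EXE/DLL path from an autorun value. CLSIDs (ShellServiceObjectDelayLoad)
    # are resolved through their InProcServer32 registration.
    param([string]$Value)
    if ($Value -match '^\{[0-9A-Fa-f-]{36}\}$') {
        $clsid = "Registry::HKEY_CLASSES_ROOT\CLSID\$Value\InProcServer32"
        if (-not (Test-Path $clsid)) { return $null }
        $Value = (Get-ItemProperty -Path $clsid).'(default)'
    }
    if ($Value -match '^"?([^"]+?\.(exe|dll))') {
        return [Environment]::ExpandEnvironmentVariables($Matches[1])
    }
    return $null
}

function Get-AutorunEntry {
    # Enumerates name/value pairs in the autostart keys; for Winlogon only Shell and Userinit are loaded.
    foreach ($key in $AutorunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # provider metadata, not registry values
            if ($key -like '*Winlogon' -and $p.Name -notin @('Shell', 'Userinit')) { continue }
            [pscustomobject]@{ Key = $key; Name = $p.Name; Value = [string]$p.Value }
        }
    }
}

function Invoke-BerbewTriage {
    # Flags autorun entries whose image matches a report hash, was written recently, or sits in
    # System32 without a valid Authenticode signature; then sweeps System32 for recent PE files,
    # since the report says the sample drops files there.
    $findings = foreach ($entry in Get-AutorunEntry) {
        $image = Resolve-AutorunImage $entry.Value
        if (-not $image -or -not (Test-Path -LiteralPath $image)) { continue }
        $file = Get-Item -LiteralPath $image
        $reasons = @()
        $iocHit = Test-IocHash $image
        if ($iocHit) { $reasons += "hash matches report ($iocHit)" }
        if ($file.LastWriteTime -gt $Cutoff) { $reasons += 'written in last 24h' }
        if ($image -like "$env:SystemRoot\System32\*" -and
            (Get-AuthenticodeSignature -FilePath $image).Status -ne 'Valid') {
            $reasons += 'unsigned file in System32'
        }
        if ($reasons) {
            [pscustomobject]@{ Key = $entry.Key; Name = $entry.Name; Image = $image; Reasons = ($reasons -join '; ') }
        }
    }
    $recentSys32 = Get-ChildItem -Path "$env:SystemRoot\System32\*" -Include *.exe, *.dll -File -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -gt $Cutoff }
    [pscustomobject]@{ AutorunFindings = $findings; RecentSystem32Files = $recentSys32 }
}

Invoke-BerbewTriage | Format-List
```

Run it from an elevated PowerShell session on the suspect host; reading HKLM autostart keys and hashing files in System32 otherwise fails for some entries. An entry that hits only the "written in last 24h" rule needs a second look before it is treated as malicious, since Windows servicing also rewrites files in System32; a hash match against the report is the only reason that stands on its own.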

Tasks