General

  • Target

    f3437aac724affad150afa1050dec160_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240531-sll3bscc31

  • MD5

    f3437aac724affad150afa1050dec160

  • SHA1

    c493daea7ea5f78ce670499e13e21f43bbd2ac9c

  • SHA256

    a6dbd1b1f5eca687c9af18928d64a7fbae846e02ba7083c3cb9fafa951f50911

  • SHA512

    2814ecd07bbe51a1ca2cf4374dce04ffe99b3e70015567d11ad37f435c08fa1d1e4f91db62539dbc2c26bc25d171915ae489d1a45218277d78c9b1a914727633

  • SSDEEP

    3072:6ZdAv/Dsot1/7oXofkyVwtCJXeex7rrIRZK8K8/kvV:6ZSvbZ1/DfkyVwtmeetrIyRV

Targets

    • Target

      f3437aac724affad150afa1050dec160_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
