General

  • Target

    0239ea071470f278ee9525b87a27fb40_NeikiAnalytics.exe

  • Size

    128KB

  • Sample

    240531-svwm5ace5y

  • MD5

    0239ea071470f278ee9525b87a27fb40

  • SHA1

    1c587f191fd0bc2e3b29a740d55c4028afd3cb69

  • SHA256

    89f44374218c2c74573609f53abcc51b6efe1f45b762df98be14499f10139bfc

  • SHA512

    4d846cd80458268daa16c62f8c43f0f205cac4bbd308999afea2517018a7dbcf21a8b52b034849d6fb023320fa5b3aa73a34c84f32adf693529292dec3ff3d44

  • SSDEEP

    3072:zWY5nuddY3HIGr2/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:zWY5nGo4BhHmNEcYj9nhV8NCU

Targets

    • Target

      0239ea071470f278ee9525b87a27fb40_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
