General

  • Target

    1df75499f841205d2343f2704f5ac740_NeikiAnalytics.exe

  • Size

    235KB

  • Sample

    240531-trnc1sed83

  • MD5

    1df75499f841205d2343f2704f5ac740

  • SHA1

    0a5a2faefb6705ce77993fe3836abd4c72007100

  • SHA256

    9c34d2cfc5cea87ba4fd5d1c096421af7fa6eede2d8c27ecc98c969bfb53cf34

  • SHA512

    1fec039b95514d8d2a1a43b9bff57e23e112a10fd92e0ed91fc5f25fd174e252848260ae1e07d766e79532b1e7fd567475f34a957b3881015d1ad1727d592b98

  • SSDEEP

    6144:4nGTz5jjJJJtcLPRxXbbulrtMsQB+vn87L5A5:G6z5jjJJJtcLPRaRMsD/y1A5

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
