General

  • Target

    26a3f2005157ad003d52890509aba8d0_NeikiAnalytics.exe

  • Size

    1.2MB

  • Sample

    240531-xn2ysaae57

  • MD5

    26a3f2005157ad003d52890509aba8d0

  • SHA1

    df3476c572bb77242cd361e05125f2487d411470

  • SHA256

    154f81448b62c10ed2b432d9c041997fd1212cc60d72aa17a026548a90f5224c

  • SHA512

    48c6c46e475095bc494be56b88cd34886104ce6d23754e1b61bd0786d3ae418f51a890ff5c17a1f430929e0d95413935592aece7d4424b26528cc32145721e69

  • SSDEEP

    12288:o3WYlFiWZCXwpnsKvNA+XTvZHWuEo3oWiQ4ca:SWYlFiWZpsKv2EvZHp3oWiQ4ca

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
