Behavioral task
behavioral1
Sample
7dd7e9b2acc6da9c741e7d456371f1f0_NeikiAnalytics.exe
Resource
win7-20240215-en
General
-
Target
7dd7e9b2acc6da9c741e7d456371f1f0_NeikiAnalytics.exe
-
Size
703KB
-
MD5
7dd7e9b2acc6da9c741e7d456371f1f0
-
SHA1
28e001215179bc6e870e490c7ccc10dca6715f65
-
SHA256
507f404eee46ed63b8ff3481fe5a731c0f2d166d6598cb7cd041ddf814db668c
-
SHA512
aedd705b48b01fe8bb5017af17f00ff094eca99fab4f4fc374c580bcf1be69e461311186fa88b75296f05fd572dd252fbed5ae258ad73e61c1d57ee244e046e1
-
SSDEEP
12288:iWBm+95nHfF2mgewFx5hy5W/DRimYCQ1kfgjdkA05p3dL95pPmGuzNEFX/7OI/Ci:iWBz95ndbgfx53DcPKgjT05pNL95pPmi
Malware Config
Signatures
-
Berbew family
-
Malware Dropper & Backdoor - Berbew 1 IoCs
Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
resource yara_rule sample family_berbew -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7dd7e9b2acc6da9c741e7d456371f1f0_NeikiAnalytics.exe
Files
-
7dd7e9b2acc6da9c741e7d456371f1f0_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 200KB - Virtual size: 199KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 182KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.l1 Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ