General

  • Target

    00d3ee12585243eb83d73a11d2861440_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240601-11ycxaha64

  • MD5

    00d3ee12585243eb83d73a11d2861440

  • SHA1

    a9fcdda70a9d9bbbadf4080adf0c1f0aed1f06ed

  • SHA256

    8b11e4230d7c624d2e8009f7108694f5dd67113dbf4340fbe36f239951a62fdc

  • SHA512

    956fae4e960892e59a44da6057dc2c91004f5203b766361be17faad8921a637a85595ec065e95ff61a7ebc90a418779923fc7ab61120b51e6fef0b5436e61c9a

  • SSDEEP

    3072:49wHPWB8JHMoX4FW2VTbWymWU6SMQehalNgFuk0:GwHPWuHZX4f6ymWU5MClN5

Targets

    • Target

      00d3ee12585243eb83d73a11d2861440_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
