General

  • Target

    859273bc9ed266f5ad55e5426f6cdd00_NeikiAnalytics.exe

  • Size

    448KB

  • Sample

    240601-afas1aae9x

  • MD5

    859273bc9ed266f5ad55e5426f6cdd00

  • SHA1

    8409c515145582337f69654297673e961cc6d5a6

  • SHA256

    15427c0947950cf80deb21313fde3f3c943110878a6c4adf9434042a449289b8

  • SHA512

    66fedb4cc449fe4669884bf5b0210c20049c00e9236f898496627c5cf10d6f6a80d01edd82688096092fcd7469f3bfd5ea78b45a0fe33236a3c7f916243f597d

  • SSDEEP

    12288:v768hQGh/pV6yYPMLnfBJKFbhDwBpV6yYP6Utri+Woh3YRVDDf1LcXD3v+2JFrf3:j2UWMLnfBJKhVwBW6Utri+WoxYRVDr12

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
