General

  • Target

    9294b3aa261a2b378bf930143a200470_NeikiAnalytics.exe

  • Size

    384KB

  • Sample

    240601-h91waaef96

  • MD5

    9294b3aa261a2b378bf930143a200470

  • SHA1

    257ba7f84e514ed3a03a45ccfb7e660c9be304c5

  • SHA256

    5e6e57bed906b2af916e0ad0d79be357117d7eef3eafffdfa5405d62fb19baf0

  • SHA512

    6c25a2fc6ea8b994747c0383a48ad5856066e2f01abc0c0732385bc25e4b3186e77651c1c4f7ae76a9669f2fb42c47c7b462c24a444370473d156a14150b1835

  • SSDEEP

    6144:TlZtbLWIgd1LZ9oECZbxlUS+LOxkEjiPISUOgW9X+hOGzC/NM:RLWI09QZb6LOxkmZzcukG2/

Targets

    • Target

      9294b3aa261a2b378bf930143a200470_NeikiAnalytics.exe

    • Size

      384KB

    Score
    10/10
    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
