General

  • Target

    428bedffd39445e46801e612db83ef50_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240602-gg3zhach6s

  • MD5

    428bedffd39445e46801e612db83ef50

  • SHA1

    3249bb47b08d75f8ab48213ea43a3469353b14fe

  • SHA256

    c033ca33afa9f4cd1eb37685fb75e12f0619d5cb0a170bb89cd529ad3122dff8

  • SHA512

    5cf1bafd7bbd69b2306c6ff2fc91c4df9b0fa6c4a783dcc222b441a979b22a3a8183f78ae247ccc531a424103573d9c74b9ca79260e6776216a917e77a929afb

  • SSDEEP

    3072:cjIpYUM7rpc0HzZ30EIZqSQfCMVkDVwtCJXeex7rrIRZK8K8/kv:cj4YUM7rp7HzZ30OfCMVkDVwtmeetrIu

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
