General

  • Target

    44744875c72507ecd08923be06c8a020_NeikiAnalytics.exe

  • Size

    276KB

  • Sample

    240602-gqjxzsdf76

  • MD5

    44744875c72507ecd08923be06c8a020

  • SHA1

    0b36d211f08ff0a4f1376c95a7bf431905c49fbb

  • SHA256

    a0516e69a45e1c0118c789cd3111ddb9ba5ffbe3080ad34f99e570678b2253f2

  • SHA512

    6c4dd1bfdfed00dc6374c93f5812c2744be3288d7c55083e99acfb7c50c3bc4b07d5292483937d21fb80a8591672341224547eea79fcc03bb700c82e36f85f13

  • SSDEEP

    6144:WUbYcWEJYizDmdWZHEFJ7aWN1rtMsQBOSGaF+:rxZ2sc2HEGWN1RMs1S7

Targets

    • Target

      44744875c72507ecd08923be06c8a020_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
