General

  • Target

    4fee304eef9b512d4a6810d3b2f3c900_NeikiAnalytics.exe

  • Size

    128KB

  • Sample

    240602-h5l7bsef9x

  • MD5

    4fee304eef9b512d4a6810d3b2f3c900

  • SHA1

    3d49e6486e00e187164563f9b75ac0f23b778d38

  • SHA256

    a3ece60eb1f6cd8de8d63e838e911dd970e3c32ccc4c7262c6bbfc34b31cc85f

  • SHA512

    743f99e75a6f3355ea73167f2d98f4b6f4759be205d351e618512315fd8ed13b9e4315ac1f663eb2729feba322441e85632d3ca527746190a823141542a63f21

  • SSDEEP

    3072:LniK8Nta8zSHfeBuDsZkBSHGWQw65nKCuX8mW2wS7IrHrYj:Ln18zyw65KCuMmHwMOHm

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
