General

  • Target

    4dade3efcdf11d5d255665c20fd28980_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240602-hw73fafa85

  • MD5

    4dade3efcdf11d5d255665c20fd28980

  • SHA1

    18cbade915c08e82b939d953ccf6ce843afce9d7

  • SHA256

    7b7dd7f373969853bf6bd7e4fdfe0f411d385743cb52425706a98b521e80a079

  • SHA512

    eecb1499a8af189abb63903f34e3e3cf3a7dfe3eeb52741e3110aba44befaa9e85d7743efacf8829bff372efe72dc60a9534b87244af4a2994f49df087096417

  • SSDEEP

    3072:PEboWeaKC/q6/nwbA2pXg0m7kAiVwtCJXeex7rrIRZK8K8/kv:PEboWeaK0qewUx9k9VwtmeetrIyR

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
