General

  • Target

    4e1460f59390f0d1460a2a319dd15860_NeikiAnalytics.exe

  • Size

    366KB

  • Sample

    240602-hyhwbsfb42

  • MD5

    4e1460f59390f0d1460a2a319dd15860

  • SHA1

    2b54733499b163333d481d8e8c2ab85c567f16ec

  • SHA256

    a0ca6f33080ae7a34124b521c1ec72698ac6e70bcb149c3c808af14cb80756e8

  • SHA512

    aed3366ca73357bd35150ac68b548f532ccb655cd18f221a0bc14a0d006eb512f834c5f891dc0c5fad493173f2e11a93e6105eb69736254569d124702b966232

  • SSDEEP

    6144:TF2spV5X5LnLcdpui6yYPaIGckjh/xaSfBJKFbhD7sYQpui6yYPaIGckvN4Ni:cspV5JPcdpV6yYPMLnfBJKFbhDwBpV68

Targets

    • Target

      4e1460f59390f0d1460a2a319dd15860_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
