berbew | e0fe78e633a767b5098623540a69f8a1a8623b59d44ffe99f1fffcc97f4b1838 | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.53409...80.exe

windows7-x64

NEAS.53409...80.exe

windows10-2004-x64

Sharing

General

Target

NEAS.5340980cc80b334a2503bf2da3d73a80.exe
Size

139KB
Sample

231031-ktpt7aea95
MD5

5340980cc80b334a2503bf2da3d73a80
SHA1

af4d42a691e80cc7d2c1caaf310994e13abf53c8
SHA256

e0fe78e633a767b5098623540a69f8a1a8623b59d44ffe99f1fffcc97f4b1838
SHA512

a29a6bf1d8a41d59d892fb281727824864fda98a1db246980092bfb70754a28a2a0746ead88ec5cb53172f66b2fd239576e35fc95f895de8173d0235402cbe8c
SSDEEP

3072:EhOmTsF93UYfwC6GIoutcEDjmDH6lPqZD2N/67ZWRZWZ1AgkniE7xn:Ecm4FmowdHoScQmL6l6O/8WOWiEx

Score

10^/10

berbew blackmoon banker dropper persistence trojan upx

Static task

static1

upx persistence dropper trojan berbew

4 signatures

Behavioral task

behavioral1

Sample

NEAS.5340980cc80b334a2503bf2da3d73a80.exe

Resource

win7-20231023-en

blackmoon banker dropper persistence trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.5340980cc80b334a2503bf2da3d73a80.exe

Resource

win10v2004-20231020-en

blackmoon banker dropper persistence trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.5340980cc80b334a2503bf2da3d73a80.exe
- Size
  
  139KB
- MD5
  
  5340980cc80b334a2503bf2da3d73a80
- SHA1
  
  af4d42a691e80cc7d2c1caaf310994e13abf53c8
- SHA256
  
  e0fe78e633a767b5098623540a69f8a1a8623b59d44ffe99f1fffcc97f4b1838
- SHA512
  
  a29a6bf1d8a41d59d892fb281727824864fda98a1db246980092bfb70754a28a2a0746ead88ec5cb53172f66b2fd239576e35fc95f895de8173d0235402cbe8c
- SSDEEP
  
  3072:EhOmTsF93UYfwC6GIoutcEDjmDH6lPqZD2N/67ZWRZWZ1AgkniE7xn:Ecm4FmowdHoScQmL6l6O/8WOWiEx
Score

10^/10

blackmoon banker dropper persistence trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxpersistencedroppertrojanberbew

behavioral1

blackmoonbankerdropperpersistencetrojanupx

behavioral2

blackmoonbankerdropperpersistencetrojanupx

© 2018-2025

Terms | Privacy