berbew | NEAS[.]bb4ec85f73386d86ff5f0a9a7644d820[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.bb4ec85f73386d86ff5f0a9a7644d820.exe
Size

125KB
MD5

bb4ec85f73386d86ff5f0a9a7644d820
SHA1

30ed4fde4af83db8490d6e079328fd250f41a856
SHA256

1c0c9af324088536cbe603e3358ab497ea2a1227cacfb562a023103bf6fc8c59
SHA512

fc1df1861ab66dadf89d5900c468b018bf93d9795d45a7607d995b536fb556444471b5f312a8a4a4326ea2e49862d1f9c15cca77b1fcd4950fac9cf983427df9
SSDEEP

3072:LCHS8AD+RbsMX9Ef31OyIKmGzBycT1WdTCn93OGey/ZhJakrPF:LgRbsMX9m3cyIKFIc8TCndOGeKTaG

Score

10^/10

persistence dropper trojan berbew

Malware Config

Signatures

Berbew family
berbew

Malware Backdoor - Berbew 1 IoCs

Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

persistence dropper trojan

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bb4ec85f73386d86ff5f0a9a7644d820.exe

Files

NEAS.bb4ec85f73386d86ff5f0a9a7644d820.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 51KB - Virtual size: 51KB

.text Size: - Virtual size: 122KB

.rdata Size: 13KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.gfids Size: 1024B - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.text Size: 3KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 8KB

.rsrc Size: 7KB - Virtual size: 8KB

.reloc Size: 5KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 8KB

.text
Size: 51KB - Virtual size: 51KB

.text
Size: - Virtual size: 122KB

.rdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.gfids
Size: 1024B - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 8KB