berbew | 59e337458cf7211c45e6722f965566c82c27cae77076aeac48ce4b5654101e56 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

NEAS.9a4c0...80.exe

windows7-x64

NEAS.9a4c0...80.exe

windows10-2004-x64

Sharing

General

Target

NEAS.9a4c0010e379efa00fb0298bbb29c180.exe
Size

1.7MB
Sample

231117-fp6jxsfd22
MD5

9a4c0010e379efa00fb0298bbb29c180
SHA1

6d6ecb4756ad978dc934a741bb0c49028c8b0154
SHA256

59e337458cf7211c45e6722f965566c82c27cae77076aeac48ce4b5654101e56
SHA512

3b53432431140130b0df0aa702069717fe967fda3a048966bd402f33b415400e8af3425edd0a4e0d845808596b00cda12a1ec43162b071f9684e07b24571cc22
SSDEEP

49152:eXPQAL9lMZKTRVyONopKhP+5VxiDDUnZT01hXFfQCT8Aw:eXPQAP73yPGP+5VxiPUZTWVfQCT8Aw

Score

10^/10

berbew xmrig dropper miner persistence trojan

Static task

static1

persistence dropper trojan berbew

3 signatures

Behavioral task

behavioral1

Sample

NEAS.9a4c0010e379efa00fb0298bbb29c180.exe

Resource

win7-20231020-en

xmrig dropper miner persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.9a4c0010e379efa00fb0298bbb29c180.exe

Resource

win10v2004-20231020-en

xmrig dropper miner persistence trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.9a4c0010e379efa00fb0298bbb29c180.exe
- Size
  
  1.7MB
- MD5
  
  9a4c0010e379efa00fb0298bbb29c180
- SHA1
  
  6d6ecb4756ad978dc934a741bb0c49028c8b0154
- SHA256
  
  59e337458cf7211c45e6722f965566c82c27cae77076aeac48ce4b5654101e56
- SHA512
  
  3b53432431140130b0df0aa702069717fe967fda3a048966bd402f33b415400e8af3425edd0a4e0d845808596b00cda12a1ec43162b071f9684e07b24571cc22
- SSDEEP
  
  49152:eXPQAL9lMZKTRVyONopKhP+5VxiDDUnZT01hXFfQCT8Aw:eXPQAP73yPGP+5VxiPUZTWVfQCT8Aw
Score

10^/10

xmrig dropper miner persistence trojan
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

persistencedroppertrojanberbew

behavioral1

xmrigdropperminerpersistencetrojan

behavioral2

xmrigdropperminerpersistencetrojan

© 2018-2025

Terms | Privacy