berbew | 42d3d779220e23514ca2b75270f73037b35749f1683b1c89f16420f59d803cf3 | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.6ee9e...f0.exe

windows7-x64

NEAS.6ee9e...f0.exe

windows10-2004-x64

Sharing

General

Target

NEAS.6ee9e5e3fb9b92125a60e50be5ee91f0.exe
Size

438KB
Sample

231117-fzq7zsge6y
MD5

6ee9e5e3fb9b92125a60e50be5ee91f0
SHA1

2f1301d36a321e8a225e64bc939572a6f4cf5b7b
SHA256

42d3d779220e23514ca2b75270f73037b35749f1683b1c89f16420f59d803cf3
SHA512

aa841c6c03c3901e851909bf0315511591b2246b93b82a5f409b017bdb6519aeeaeded1847093aa12effaa57bbc2425f2f0c891d53da17dbe9e30aa096fb3065
SSDEEP

12288:w4wFHoS9KxbNnidEhjEJd1kNpeUgI95yRoZHVaoJMOxFXnRV4PiGO0hUmHY:kKxbNndhjEJd1kNpeUgI95yRoZHgoJMO

Score

10^/10

berbew blackmoon banker dropper persistence trojan upx

Static task

static1

upx persistence dropper trojan berbew

4 signatures

Behavioral task

behavioral1

Sample

NEAS.6ee9e5e3fb9b92125a60e50be5ee91f0.exe

Resource

win7-20231025-en

blackmoon banker dropper persistence trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.6ee9e5e3fb9b92125a60e50be5ee91f0.exe

Resource

win10v2004-20231023-en

blackmoon banker dropper persistence trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.6ee9e5e3fb9b92125a60e50be5ee91f0.exe
- Size
  
  438KB
- MD5
  
  6ee9e5e3fb9b92125a60e50be5ee91f0
- SHA1
  
  2f1301d36a321e8a225e64bc939572a6f4cf5b7b
- SHA256
  
  42d3d779220e23514ca2b75270f73037b35749f1683b1c89f16420f59d803cf3
- SHA512
  
  aa841c6c03c3901e851909bf0315511591b2246b93b82a5f409b017bdb6519aeeaeded1847093aa12effaa57bbc2425f2f0c891d53da17dbe9e30aa096fb3065
- SSDEEP
  
  12288:w4wFHoS9KxbNnidEhjEJd1kNpeUgI95yRoZHVaoJMOxFXnRV4PiGO0hUmHY:kKxbNndhjEJd1kNpeUgI95yRoZHgoJMO
Score

10^/10

blackmoon banker dropper persistence trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxpersistencedroppertrojanberbew

behavioral1

blackmoonbankerdropperpersistencetrojanupx

behavioral2

blackmoonbankerdropperpersistencetrojanupx

© 2018-2025

Terms | Privacy