berbew | 75b9313609cff3256e71dc033c6c29f0_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

75b9313609cff3256e71dc033c6c29f0_NEIKI
Size

153KB
MD5

75b9313609cff3256e71dc033c6c29f0
SHA1

17a6e19252a58e30b92e93b24847f13d66b4d011
SHA256

4c736f9033689a9328400aa9ae7f8377c9a950c5c41bb726ff0130d5bbef1357
SHA512

ae89b084eb62f27e0eac12ea3514246707f07248b247eb3eda993c8d6bba4c72f4b2245af9fcd54205721d2c310ddad1d0c607586cb0cb56d6ce35df9f445974
SSDEEP

3072:Ns8NsLQs2xgE+RoK2SUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:7NAPMZK2JAHj05xP3DZyN1eRppzcexn

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75b9313609cff3256e71dc033c6c29f0_NEIKI

Files

75b9313609cff3256e71dc033c6c29f0_NEIKI
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 31KB - Virtual size: 31KB

.rsrc Size: - Virtual size: 132KB

.data Size: 12KB - Virtual size: 12KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 4KB

.text Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 8KB

DATA Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text Size: 8KB - Virtual size: 8KB

.text
Size: 31KB - Virtual size: 31KB

.rsrc
Size: - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 12KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 8KB

DATA
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB