General

  • Target

    e5dbe11ac1fa64cb78868dfea5274160_NEIKI

  • Size

    182KB

  • Sample

    240508-gal3eadc81

  • MD5

    e5dbe11ac1fa64cb78868dfea5274160

  • SHA1

    2e24084667f5a5f3eabc769731532b7823e1a988

  • SHA256

    63b20387320be509f4d06f58b4c2073a5cb32a08ea8c1e67f86426f635a3d060

  • SHA512

    c881427b6572731dfb58d19448fbc45abe87031903a7e90995e4c87853d99fe7c300b87e4edb2bc8437115983c4b8591387fd4d4b3ce48e8f04136b9ddc467d7

  • SSDEEP

    1536:heT7BVwxfvEFwjRs1PDXFi0VvBYv3kZtAV7ZBbP1yVGqV6zSVSGzsNE0q:hmVwRKCULFlav+m7ZB5e3V6z1GzCE

Malware Config

Targets

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan capable of downloading and installing a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Modifies visibility of file extensions in Explorer

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks