berbew | be171889d4336677bbb9a6a6ab8cade0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

be171889d4336677bbb9a6a6ab8cade0_NEIKI
Size

108KB
MD5

be171889d4336677bbb9a6a6ab8cade0
SHA1

2a1c89efbf5fa68cae75d1488d7cdd286a236687
SHA256

642d3f4d4c8e30863cd4937a061e7fe02d09f87d4a2f4ef73f2da449264b3f65
SHA512

f1354856c3d3502f36babfd78f9ece04bd2f6d65a03c11e997aca42e7923c4514b491db68c980812ddb4891904cd54815d5b056cf959031b7bec77dfab7a135e
SSDEEP

3072:Fuq9pGyw7P2PycccYTPazUgnVdUjmOiBn3w8BdTj2h3K:FLUywdgnVyjVu3w8BdTj2VK

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be171889d4336677bbb9a6a6ab8cade0_NEIKI

Files

be171889d4336677bbb9a6a6ab8cade0_NEIKI
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.embm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: - Virtual size: 132KB

.data Size: 11KB - Virtual size: 11KB

.text Size: 3KB - Virtual size: 3KB

.embm Size: 512B - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.text Size: 1024B - Virtual size: 4KB

.rdata Size: 9KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.text Size: 1024B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.idata Size: 1024B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 8KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: - Virtual size: 132KB

.data
Size: 11KB - Virtual size: 11KB

.text
Size: 3KB - Virtual size: 3KB

.embm
Size: 512B - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.text
Size: 1024B - Virtual size: 4KB

.rdata
Size: 9KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.idata
Size: 1024B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 8KB