berbew | 0d0cd342a4a2a5763bb4ca2f0bba5b4fd753d887b8b07c4769d8766df2181b1f | Triage

Submit
Reports

Overview

overview

Static

static

1e137b509c...cs.exe

windows7-x64

1e137b509c...cs.exe

windows10-2004-x64

Sharing

General

Target

1e137b509cf9e3e32fba57d9ff621080_NeikiAnalytics
Size

320KB
Sample

240509-3d95asgc69
MD5

1e137b509cf9e3e32fba57d9ff621080
SHA1

3dea7263b1bccaa4ac6b10a9f8d465d7c24d6b93
SHA256

0d0cd342a4a2a5763bb4ca2f0bba5b4fd753d887b8b07c4769d8766df2181b1f
SHA512

6c52a7c2cac35fac2aa7b39384cb65d6931376f4d19ea8e1c4ae32953020f2675b4cfbb5f18d402c147b23683a32ddc373ffa1cfed856d8934966ff417908aac
SSDEEP

6144:9cm4FmowdHoSZrv9AEa3F2Y9iE9mJrtMsQBcqNLq3xB:/4wFHoSB969P9mJRMsfqV2f

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

1e137b509cf9e3e32fba57d9ff621080_NeikiAnalytics.exe

Resource

win7-20240508-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e137b509cf9e3e32fba57d9ff621080_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e137b509cf9e3e32fba57d9ff621080_NeikiAnalytics
- Size
  
  320KB
- MD5
  
  1e137b509cf9e3e32fba57d9ff621080
- SHA1
  
  3dea7263b1bccaa4ac6b10a9f8d465d7c24d6b93
- SHA256
  
  0d0cd342a4a2a5763bb4ca2f0bba5b4fd753d887b8b07c4769d8766df2181b1f
- SHA512
  
  6c52a7c2cac35fac2aa7b39384cb65d6931376f4d19ea8e1c4ae32953020f2675b4cfbb5f18d402c147b23683a32ddc373ffa1cfed856d8934966ff417908aac
- SSDEEP
  
  6144:9cm4FmowdHoSZrv9AEa3F2Y9iE9mJrtMsQBcqNLq3xB:/4wFHoSB969P9mJRMsfqV2f
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2024

Terms | Privacy