berbew | 7792a28004f9aca52ee2a87bb545ea49f8adba95f8b7a5a6a2db68a7d29a36ce | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2512d4385e...cs.exe

windows7-x64

2512d4385e...cs.exe

windows10-2004-x64

Sharing

General

Target

2512d4385e88b81fdffe82d7e38e95b0_NeikiAnalytics
Size

192KB
Sample

240509-3x9mwahf85
MD5

2512d4385e88b81fdffe82d7e38e95b0
SHA1

11bff0f6914b76390cf60765f23cd48ce8bb81b1
SHA256

7792a28004f9aca52ee2a87bb545ea49f8adba95f8b7a5a6a2db68a7d29a36ce
SHA512

e57797be0d03f44274555380e44941e5902e1837d2e01aac5398e947561ab13f3962c4b9ad64d6fa2ae2c1082fafc65aaa731b157446fe77bc03d00095e8de13
SSDEEP

3072:FhOmTsF93UYfwC6GIoutrVCfMoh52waAyiJ8mqtbfUVKty16hDsI/tSvv:Fcm4FmowdHoS8fMoSVAHubPtyYxfe

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

2512d4385e88b81fdffe82d7e38e95b0_NeikiAnalytics.exe

Resource

win7-20240221-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2512d4385e88b81fdffe82d7e38e95b0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2512d4385e88b81fdffe82d7e38e95b0_NeikiAnalytics
- Size
  
  192KB
- MD5
  
  2512d4385e88b81fdffe82d7e38e95b0
- SHA1
  
  11bff0f6914b76390cf60765f23cd48ce8bb81b1
- SHA256
  
  7792a28004f9aca52ee2a87bb545ea49f8adba95f8b7a5a6a2db68a7d29a36ce
- SHA512
  
  e57797be0d03f44274555380e44941e5902e1837d2e01aac5398e947561ab13f3962c4b9ad64d6fa2ae2c1082fafc65aaa731b157446fe77bc03d00095e8de13
- SSDEEP
  
  3072:FhOmTsF93UYfwC6GIoutrVCfMoh52waAyiJ8mqtbfUVKty16hDsI/tSvv:Fcm4FmowdHoS8fMoSVAHubPtyYxfe
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2025

Terms | Privacy