berbew | ae4f17d9a3988ef817b92606e8b9aa178e13ed6b62a8932d930e4bb03f4f894b | Triage

Submit
Reports

Overview

overview

Static

static

fa7907cbbb...KI.exe

windows7-x64

fa7907cbbb...KI.exe

windows10-2004-x64

Sharing

General

Target

fa7907cbbba8c18b863d57a07326f7c0_NEIKI
Size

166KB
Sample

240509-flddzaca2t
MD5

fa7907cbbba8c18b863d57a07326f7c0
SHA1

a75835a2e254f9e075814cf33123c36c005b3d0f
SHA256

ae4f17d9a3988ef817b92606e8b9aa178e13ed6b62a8932d930e4bb03f4f894b
SHA512

00b8d44a66cf590d10dff87d59f26edf744386f2498e6b567bfb648d7eb949b4b9d4cc184d432f00e47129af697c7df0bc554b92640ea7784edf806970acd000
SSDEEP

3072:ehOmTsF93UYfwC6GIout1sWRkVap3daVszyKd+XqQz0esujClt+zZ4dMovmW1q7A:ecm4FmowdHoSKWqoFdAszBd+aQz0IClp

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

fa7907cbbba8c18b863d57a07326f7c0_NEIKI.exe

Resource

win7-20231129-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fa7907cbbba8c18b863d57a07326f7c0_NEIKI.exe

Resource

win10v2004-20240226-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  fa7907cbbba8c18b863d57a07326f7c0_NEIKI
- Size
  
  166KB
- MD5
  
  fa7907cbbba8c18b863d57a07326f7c0
- SHA1
  
  a75835a2e254f9e075814cf33123c36c005b3d0f
- SHA256
  
  ae4f17d9a3988ef817b92606e8b9aa178e13ed6b62a8932d930e4bb03f4f894b
- SHA512
  
  00b8d44a66cf590d10dff87d59f26edf744386f2498e6b567bfb648d7eb949b4b9d4cc184d432f00e47129af697c7df0bc554b92640ea7784edf806970acd000
- SSDEEP
  
  3072:ehOmTsF93UYfwC6GIout1sWRkVap3daVszyKd+XqQz0esujClt+zZ4dMovmW1q7A:ecm4FmowdHoSKWqoFdAszBd+aQz0IClp
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2024

Terms | Privacy