berbew | f49f1e5b7b31449391841b356553c39c8d00a19cbb1e71f9e8089111e302394f | Triage

Submit
Reports

Overview

overview

Static

static

22503b3443...cs.exe

windows7-x64

22503b3443...cs.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

22503b3443d8f1911e70065194f0e4e0_NeikiAnalytics
Size

483KB
Sample

240510-2vq73see3w
MD5

22503b3443d8f1911e70065194f0e4e0
SHA1

2c805812528f7dd454700535275c785b757c59b5
SHA256

f49f1e5b7b31449391841b356553c39c8d00a19cbb1e71f9e8089111e302394f
SHA512

f88e1f28ea1faa7c216bf11e643bd8548504e2dbc57089158c2cb193e390135afc7c4636b82aca1dbdb4cab641b9f4f81f4aaccd5fa531184dfbf27724d41f2c
SSDEEP

12288:N4wFHoSMu49P9mPh2kkkkK4kXkkkkkkkkl888888888888888888n5:Cu49lmPh2kkkkK4kXkkkkkkkkf

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

22503b3443d8f1911e70065194f0e4e0_NeikiAnalytics.exe

Resource

win7-20240419-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

22503b3443d8f1911e70065194f0e4e0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  22503b3443d8f1911e70065194f0e4e0_NeikiAnalytics
- Size
  
  483KB
- MD5
  
  22503b3443d8f1911e70065194f0e4e0
- SHA1
  
  2c805812528f7dd454700535275c785b757c59b5
- SHA256
  
  f49f1e5b7b31449391841b356553c39c8d00a19cbb1e71f9e8089111e302394f
- SHA512
  
  f88e1f28ea1faa7c216bf11e643bd8548504e2dbc57089158c2cb193e390135afc7c4636b82aca1dbdb4cab641b9f4f81f4aaccd5fa531184dfbf27724d41f2c
- SSDEEP
  
  12288:N4wFHoSMu49P9mPh2kkkkK4kXkkkkkkkkl888888888888888888n5:Cu49lmPh2kkkkK4kXkkkkkkkkf
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2025

Terms | Privacy