berbew | 7d2c277fbc3ec37e4c6b8778474a0610_NeikiAnalytics

General

Target

7d2c277fbc3ec37e4c6b8778474a0610_NeikiAnalytics
Size

656KB
MD5

7d2c277fbc3ec37e4c6b8778474a0610
SHA1

23f231e8a0cb2a812b72d0503a80159cea6b43b9
SHA256

cd4f3e3381e49eea878127fff0a97e345e84b431e42bf8618f19cd7226b2715e
SHA512

511895ccb8f88571fe51168f8d6f09c6edff44fd301d2762ff1dfc2c1bd38302d08de351d0740fe0fb213171c8ae63a7bb20ef7f3c072529260a396cfb020d4a
SSDEEP

12288:w+67XR9JSSxvYGdodHDusQHNd1KidKjttRYLwP:w+6N986Y7DusQHNd1KidKjttRYLwP

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d2c277fbc3ec37e4c6b8778474a0610_NeikiAnalytics

Files

7d2c277fbc3ec37e4c6b8778474a0610_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 256KB - Virtual size: 256KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 245KB - Virtual size: 293KB

.text
Size: 256KB - Virtual size: 256KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 245KB - Virtual size: 293KB