berbew | c7cf255e5104fda2576b8f1855eb1210_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c7cf255e5104fda2576b8f1855eb1210_NeikiAnalytics
Size

1.1MB
MD5

c7cf255e5104fda2576b8f1855eb1210
SHA1

2282570e948c94638f2493eddd3e8d451f33d00a
SHA256

5dadc1aae6cd9f87ee7b7b0e797e56797177ee7b9b769ee5ebc06831285bc5d0
SHA512

a5ca9382a195cd193a8c7826ef36a477b0d2248bf8c587c5fca3db27b49ecff3779cf1391b85ab7655874f942943ed7492c0f1834b9066189a19a361a85e24a5
SSDEEP

24576:SzMBIKX9aLisvNeOVQ5zY4xN9VyUGEJRroVQ5zY4xN9VyUiZ7D:F9aLisvNMtYQJHLtYQy7D

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7cf255e5104fda2576b8f1855eb1210_NeikiAnalytics

Files

c7cf255e5104fda2576b8f1855eb1210_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 4KB - Virtual size: 4KB

.text Size: 96KB - Virtual size: 95KB

.data Size: - Virtual size: 9KB

.text Size: 512B - Virtual size: 12B

.idata Size: 2KB - Virtual size: 2KB

.text Size: 512B - Virtual size: 16B

.l1 Size: 4KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 7KB - Virtual size: 8KB

.pdata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.text Size: 1024B - Virtual size: 4KB

.text Size: 4KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 8KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.data
Size: - Virtual size: 9KB

.text
Size: 512B - Virtual size: 12B

.idata
Size: 2KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 16B

.l1
Size: 4KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 7KB - Virtual size: 8KB

.pdata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 8KB