Overview

overview

10

Static

static

10

3caea17600...cs.exe

windows7-x64

10

3caea17600...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    3caea176002270e70c289d9499e9d580_NeikiAnalytics

  • Size

    401KB

  • Sample

    240511-1djk8scg75

  • MD5

    3caea176002270e70c289d9499e9d580

  • SHA1

    d97ddc65e07362be4ff2ff5e72b2868a7aa81d3c

  • SHA256

    f3d7565fd67ec35301863de1c9ca24786dcd0101dd590e0f000744fe607a6500

  • SHA512

    231891abd20594bbd0c459c4b35a8911011f777c2e2cb56ffc47e24ec561e4969e4b2d5fc325cde0687fa641db5e245c7641bba3d7767784842a4ee9de843f57

  • SSDEEP

    6144:9/uHMvoygR7Andpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836PGyA7:SygRcndpV6yYP4rbpV6yYPg058KrY

Score
10/10
berbewbackdoordropperpersistencetrojan

Malware Config

Targets

    • Target

      3caea176002270e70c289d9499e9d580_NeikiAnalytics

    • Size

      401KB

    • MD5

      3caea176002270e70c289d9499e9d580

    • SHA1

      d97ddc65e07362be4ff2ff5e72b2868a7aa81d3c

    • SHA256

      f3d7565fd67ec35301863de1c9ca24786dcd0101dd590e0f000744fe607a6500

    • SHA512

      231891abd20594bbd0c459c4b35a8911011f777c2e2cb56ffc47e24ec561e4969e4b2d5fc325cde0687fa641db5e245c7641bba3d7767784842a4ee9de843f57

    • SSDEEP

      6144:9/uHMvoygR7Andpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836PGyA7:SygRcndpV6yYP4rbpV6yYPg058KrY

    Score
    10/10
    backdoordropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

      backdoortrojandropper

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks