Overview

overview

10

Static

static

10

52968976fb...cs.exe

windows7-x64

10

52968976fb...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    52968976fba7a75cd6a05ab287acef30_NeikiAnalytics

  • Size

    89KB

  • Sample

    240511-ccc53ahd83

  • MD5

    52968976fba7a75cd6a05ab287acef30

  • SHA1

    a3835a1097313a4d70163d7f716c6ba80a42ba99

  • SHA256

    c80efa9fa7d79cb3f4e8b69a72b14431ed4108623bae0d38c229826e6a0af681

  • SHA512

    f1b056f3d33285548fe3b4ca69e38351187b36b9ba7cd7c7e555e22cba2f25fef5e6da36c674e930198167f656a08b20c3efbeaaa9188da24228bf226fe16bd0

  • SSDEEP

    1536:K7/Hj/bFr1sosQXbiMGlIyxWVd3pNo3dSG9d7kQu3qRQ5D68a+VMKKTRVGFtUhQ9:K7drdzLiMEIKwdikB3qeIr4MKy3G7UEb

Score
10/10
berbewbackdoordropperpersistencetrojan

Malware Config

Targets

    • Target

      52968976fba7a75cd6a05ab287acef30_NeikiAnalytics

    • Size

      89KB

    • MD5

      52968976fba7a75cd6a05ab287acef30

    • SHA1

      a3835a1097313a4d70163d7f716c6ba80a42ba99

    • SHA256

      c80efa9fa7d79cb3f4e8b69a72b14431ed4108623bae0d38c229826e6a0af681

    • SHA512

      f1b056f3d33285548fe3b4ca69e38351187b36b9ba7cd7c7e555e22cba2f25fef5e6da36c674e930198167f656a08b20c3efbeaaa9188da24228bf226fe16bd0

    • SSDEEP

      1536:K7/Hj/bFr1sosQXbiMGlIyxWVd3pNo3dSG9d7kQu3qRQ5D68a+VMKKTRVGFtUhQ9:K7drdzLiMEIKwdikB3qeIr4MKy3G7UEb

    Score
    10/10
    backdoordropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

      backdoortrojandropper

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks