General

  • Target

    a30e267af0006da656825bcbbc791190_NeikiAnalytics

  • Size

    448KB

  • Sample

    240513-hm3rcseb78

  • MD5

    a30e267af0006da656825bcbbc791190

  • SHA1

    d7cd4073ed423cee3bc79342b90db55f9a93411f

  • SHA256

    16ed637e3ccf52fa4fa2b1aab323cafdfaffdecfae3157016ce4593f42ee81c7

  • SHA512

    7659d24198f91017f060de9c4a00223669bc8f5f376a7b239aec4f63a6eeed71d074e34228576ac4c03f73f0de778003888558958fd0941dee9dcd2aede97ca3

  • SSDEEP

    6144:a6UFwNNO7b7aOl3BzrUmKyIxLfYeOO9UmKyIxLiajOEjXP3HBsR4/0ePGSzxC:IIO/7aOlxzr3cOK3TajRfXFMKNxC

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
