berbew | 52093dc654ad9ef5edf7deda55e6dbc728a186310fd63a27a3ba3e4792a8b8cc | Triage

Submit
Reports

Overview

overview

Static

static

02f806c1fb...cs.exe

windows7-x64

02f806c1fb...cs.exe

windows10-2004-x64

Sharing

General

Target

02f806c1fbadb2970873e9abc725ad50_NeikiAnalytics
Size

320KB
Sample

240516-v887gsgb97
MD5

02f806c1fbadb2970873e9abc725ad50
SHA1

52a2b14de2432222bf6576169ff397fcda4a5987
SHA256

52093dc654ad9ef5edf7deda55e6dbc728a186310fd63a27a3ba3e4792a8b8cc
SHA512

8bf0d0bc8040bb06f40d3df8046138a9ad543fbe34c41ecbac8de0e2b6bb6065b81577b4f11d1a462a782f124f8dcf9f598a706d9ea7e95b29a010b289202fc2
SSDEEP

6144:X9xWabjhJ9vKpO6c8TCndOGeKTame6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+I:NptnKOsedOGeKTaPkY660fIaDZkY66+

Score

10^/10

berbew backdoor dropper persistence trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

02f806c1fbadb2970873e9abc725ad50_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

02f806c1fbadb2970873e9abc725ad50_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  02f806c1fbadb2970873e9abc725ad50_NeikiAnalytics
- Size
  
  320KB
- MD5
  
  02f806c1fbadb2970873e9abc725ad50
- SHA1
  
  52a2b14de2432222bf6576169ff397fcda4a5987
- SHA256
  
  52093dc654ad9ef5edf7deda55e6dbc728a186310fd63a27a3ba3e4792a8b8cc
- SHA512
  
  8bf0d0bc8040bb06f40d3df8046138a9ad543fbe34c41ecbac8de0e2b6bb6065b81577b4f11d1a462a782f124f8dcf9f598a706d9ea7e95b29a010b289202fc2
- SSDEEP
  
  6144:X9xWabjhJ9vKpO6c8TCndOGeKTame6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+I:NptnKOsedOGeKTaPkY660fIaDZkY66+
Score

10^/10

backdoor dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordropperpersistencetrojan

behavioral2

backdoordropperpersistencetrojan

© 2018-2025

Terms | Privacy