General

  • Target

    04c6b0c7aa01eae38c4fa59bb0dd5780_NeikiAnalytics.exe

  • Size

    305KB

  • Sample

    240516-wefhrage67

  • MD5

    04c6b0c7aa01eae38c4fa59bb0dd5780

  • SHA1

    b496f50307e2ae237d606f9309da87471908b327

  • SHA256

    6db171d925573d499a586d6906d2a687c73ddc2e370a6c6a0f749bf0fc29b95f

  • SHA512

    522c57707e790ac984ff927fe3411fd16f9614a14e28256ff6f86bde8909beff6e3e32ee96d95984bd5a3b862b67ff029c8284c39f6527b44b2803525fb2a6d9

  • SSDEEP

    6144:DS+hOXRLFYNxunXe8yhrtMsQBvli+RQFdq:2+hnvAO8qRMsrOQF

Malware Config

Targets

    • Target

      04c6b0c7aa01eae38c4fa59bb0dd5780_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks