General

  • Target

    140549cfa8703b51a0df50e512f5f7c0_NeikiAnalytics.exe

  • Size

    128KB

  • Sample

    240516-xhgewsah99

  • MD5

    140549cfa8703b51a0df50e512f5f7c0

  • SHA1

    34f7f61217d608fab36f55cafec5ca532dc37371

  • SHA256

    55ae0f102ce2544bbf007a55e06b88cad62be40e89c726494478922198e87978

  • SHA512

    a9829b1ed914f89f89acbdccb0721969984d70c8b83a3ba199645c7ee199f283e8a0d6ff01298ca6aceadd8b066445802242c0a8bc4d66269624a150d2a90f88

  • SSDEEP

    3072:Lzum0PZbwtlK2hM/fz3XrmW2wS7IrHrYj:fxeInuXT7mHwMOHm

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
