berbew | f755b9e44bb9e6b21661a99a0a36f4d8e2597b5de672fdf48981d9abb1870cce | Triage

Submit
Reports

Overview

overview

Static

static

e37839ddff...cs.exe

windows7-x64

e37839ddff...cs.exe

windows10-2004-x64

Sharing

General

Target

e37839ddff94d920d11d20ae4fca4390_NeikiAnalytics.exe
Size

464KB
Sample

240518-sz53csae62
MD5

e37839ddff94d920d11d20ae4fca4390
SHA1

381b0450eb9d19303bb912a09f2ddfdcca8ec563
SHA256

f755b9e44bb9e6b21661a99a0a36f4d8e2597b5de672fdf48981d9abb1870cce
SHA512

46ba4f34c24a8f5bbc934615c3cb762c80066160130c5a27bd1db40334ec403e2f07a5760406098daba8c265c9e184235f9f4aa10d41eb4fd1fb7136abeb864a
SSDEEP

12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1VV:VeR0oykayRFp3lztP+OKaf1VV

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

e37839ddff94d920d11d20ae4fca4390_NeikiAnalytics.exe

Resource

win7-20240221-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e37839ddff94d920d11d20ae4fca4390_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e37839ddff94d920d11d20ae4fca4390_NeikiAnalytics.exe
- Size
  
  464KB
- MD5
  
  e37839ddff94d920d11d20ae4fca4390
- SHA1
  
  381b0450eb9d19303bb912a09f2ddfdcca8ec563
- SHA256
  
  f755b9e44bb9e6b21661a99a0a36f4d8e2597b5de672fdf48981d9abb1870cce
- SHA512
  
  46ba4f34c24a8f5bbc934615c3cb762c80066160130c5a27bd1db40334ec403e2f07a5760406098daba8c265c9e184235f9f4aa10d41eb4fd1fb7136abeb864a
- SSDEEP
  
  12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1VV:VeR0oykayRFp3lztP+OKaf1VV
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2024

Terms | Privacy