berbew | 2d8050ec94699e1c60872d18093730150647240a7ab2c97e58a9a9d314fa9f51 | Triage

Submit
Reports

Overview

overview

Static

static

e166d727e8...cs.exe

windows7-x64

e166d727e8...cs.exe

windows10-2004-x64

Sharing

General

Target

e166d727e89fa1c86a9d597c776a7220_NeikiAnalytics.exe
Size

464KB
Sample

240519-sqq7vacf74
MD5

e166d727e89fa1c86a9d597c776a7220
SHA1

34e75f1872fd9cfbfaa2a7c2c5e43bbe12f22224
SHA256

2d8050ec94699e1c60872d18093730150647240a7ab2c97e58a9a9d314fa9f51
SHA512

9f312956f45aa722b7a5687ce359cf4eb303474c609aa658ca436ab9459140a0e5323c8a8ad0f47f85774696c55eeaa4122fba06b5f51c8275813dadb4900625
SSDEEP

12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1V5:VeR0oykayRFp3lztP+OKaf1V5

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

e166d727e89fa1c86a9d597c776a7220_NeikiAnalytics.exe

Resource

win7-20240508-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e166d727e89fa1c86a9d597c776a7220_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e166d727e89fa1c86a9d597c776a7220_NeikiAnalytics.exe
- Size
  
  464KB
- MD5
  
  e166d727e89fa1c86a9d597c776a7220
- SHA1
  
  34e75f1872fd9cfbfaa2a7c2c5e43bbe12f22224
- SHA256
  
  2d8050ec94699e1c60872d18093730150647240a7ab2c97e58a9a9d314fa9f51
- SHA512
  
  9f312956f45aa722b7a5687ce359cf4eb303474c609aa658ca436ab9459140a0e5323c8a8ad0f47f85774696c55eeaa4122fba06b5f51c8275813dadb4900625
- SSDEEP
  
  12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1V5:VeR0oykayRFp3lztP+OKaf1V5
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2024

Terms | Privacy