berbew | 33e9ee4ef4b73f35091aea167dc74a999e8b9cc9f7e2f43385fe2fab48eef856 | Triage

Submit
Reports

Overview

overview

Static

static

75b5d0f220...cs.exe

windows7-x64

75b5d0f220...cs.exe

windows10-2004-x64

Sharing

General

Target

75b5d0f22025d4824a8ede95dba16f50_NeikiAnalytics.exe
Size

122KB
Sample

240523-cpxp8sab7w
MD5

75b5d0f22025d4824a8ede95dba16f50
SHA1

709d481263f8b051dd4bc8797578ebaea48cc63d
SHA256

33e9ee4ef4b73f35091aea167dc74a999e8b9cc9f7e2f43385fe2fab48eef856
SHA512

d5e164eb853cc2e4d13711e0236ae0a5b4ec3bbafe48c7b4d036d3db2b0f2acb64c5bebfa788edd3022fc1a1194f3f59871de2d5d023a5af3ae3192f16f0c961
SSDEEP

1536:lvm1Fu8AjYaFwjRUdW7fmyY7aZYJVmy0KQbj6vbjuKoauGi4u:6u8ANCUdgfmD7zey0KUj6TjR9i4u

Score

10^/10

berbew backdoor dropper evasion trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

75b5d0f22025d4824a8ede95dba16f50_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper evasion trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

75b5d0f22025d4824a8ede95dba16f50_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper evasion trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  75b5d0f22025d4824a8ede95dba16f50_NeikiAnalytics.exe
- Size
  
  122KB
- MD5
  
  75b5d0f22025d4824a8ede95dba16f50
- SHA1
  
  709d481263f8b051dd4bc8797578ebaea48cc63d
- SHA256
  
  33e9ee4ef4b73f35091aea167dc74a999e8b9cc9f7e2f43385fe2fab48eef856
- SHA512
  
  d5e164eb853cc2e4d13711e0236ae0a5b4ec3bbafe48c7b4d036d3db2b0f2acb64c5bebfa788edd3022fc1a1194f3f59871de2d5d023a5af3ae3192f16f0c961
- SSDEEP
  
  1536:lvm1Fu8AjYaFwjRUdW7fmyY7aZYJVmy0KQbj6vbjuKoauGi4u:6u8ANCUdgfmD7zey0KUj6TjR9i4u
Score

10^/10

backdoor dropper evasion trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordropperevasiontrojan

behavioral2

backdoordropperevasiontrojan

© 2018-2024

Terms | Privacy