Overview

overview

10

Static

static

10

25ec72ace4...cs.exe

windows7-x64

10

25ec72ace4...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25ec72ace4fce21307e276c2237157e0_NeikiAnalytics.exe

  • Size

    108KB

  • Sample

    240525-1ty1vsbh3s

  • MD5

    25ec72ace4fce21307e276c2237157e0

  • SHA1

    bb25648ae9c8a7755956e6f95095a04c1103386b

  • SHA256

    5949c59a0cfe06e86cb28576c60587d6f408f732d74b724890d346d08898a381

  • SHA512

    0fc0bb0bff66ea4479418a9cde251309089500004201a272894e11570109b1defb09be0903d7ac341b32849dd01986200b0bc35b49c56a35eb2260c398791232

  • SSDEEP

    1536:LQ8w6PMteciSyVixMwB+rjm8NiIqhn3HQ8BawTj2wQ3K:M8voe0pUjmOiBn3w8BdTj2h3K

Score
10/10
berbewbackdoordropperpersistencetrojan

Malware Config

Targets

    • Target

      25ec72ace4fce21307e276c2237157e0_NeikiAnalytics.exe

    • Size

      108KB

    • MD5

      25ec72ace4fce21307e276c2237157e0

    • SHA1

      bb25648ae9c8a7755956e6f95095a04c1103386b

    • SHA256

      5949c59a0cfe06e86cb28576c60587d6f408f732d74b724890d346d08898a381

    • SHA512

      0fc0bb0bff66ea4479418a9cde251309089500004201a272894e11570109b1defb09be0903d7ac341b32849dd01986200b0bc35b49c56a35eb2260c398791232

    • SSDEEP

      1536:LQ8w6PMteciSyVixMwB+rjm8NiIqhn3HQ8BawTj2wQ3K:M8voe0pUjmOiBn3w8BdTj2h3K

    Score
    10/10
    backdoordropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

      backdoortrojandropper

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks