berbew | 04a78af2fe09667352eb9d8725e25f70_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

04a78af2fe09667352eb9d8725e25f70_NeikiAnalytics.exe
Size

991KB
MD5

04a78af2fe09667352eb9d8725e25f70
SHA1

80dc14864bc723f7b30c4989e1557434770dc2f5
SHA256

fd55edea8d5c0e0ffaf230909dcf2a473867ebc4bc416588bbf53cea40925942
SHA512

f87972d69252885ec9a7b5274c24e1a6f9d91a66c76756860f7c0c903f2f7f76470f9c111e62a8bdd433284510a999be74c839fab4fbeab6d425c2645e6a06d2
SSDEEP

24576:tW0L1aAEb6uRMCRnmi2+DVvyTklGBa/ZSMQugi8ndZ5G:tWLb6uOClZ2+DVv7lGBg1Qugi8ndZ5G

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a78af2fe09667352eb9d8725e25f70_NeikiAnalytics.exe

Files

04a78af2fe09667352eb9d8725e25f70_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 633KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 4KB - Virtual size: 4KB

.text Size: 633KB - Virtual size: 632KB

.rsrc Size: - Virtual size: 9KB

.CRT Size: 512B - Virtual size: 12B

.reloc Size: 2KB - Virtual size: 2KB

.rsrc Size: 156KB - Virtual size: 156KB

.l1 Size: 4KB - Virtual size: 4KB

.rdata Size: 9KB - Virtual size: 12KB

.text Size: 9KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 12KB

.rdata Size: 512B - Virtual size: 4KB

.pdata Size: 9KB - Virtual size: 12KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 633KB - Virtual size: 632KB

.rsrc
Size: - Virtual size: 9KB

.CRT
Size: 512B - Virtual size: 12B

.reloc
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 156KB - Virtual size: 156KB

.l1
Size: 4KB - Virtual size: 4KB

.rdata
Size: 9KB - Virtual size: 12KB

.text
Size: 9KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 12KB

.rdata
Size: 512B - Virtual size: 4KB

.pdata
Size: 9KB - Virtual size: 12KB