berbew | 2efd01bb3b0c34f27fddc7821b0ccf9e81d1b9417ce033a472c7e1fb2aa996e7 | Triage

Submit
Reports

Overview

overview

Static

static

00104c9769...cs.exe

windows7-x64

00104c9769...cs.exe

windows10-2004-x64

Sharing

General

Target

00104c976967a8c76c8eee1039fb31b0_NeikiAnalytics.exe
Size

991KB
Sample

240526-p7blyaee6w
MD5

00104c976967a8c76c8eee1039fb31b0
SHA1

e3d742b9051f67e985444c49d0a69e55370720b5
SHA256

2efd01bb3b0c34f27fddc7821b0ccf9e81d1b9417ce033a472c7e1fb2aa996e7
SHA512

45b3fbfed99f4a76fd2c190517c860aa5c3c8913685d174b6086840d0966d131871c4c7fd7916985cb7f262a790a00754336b60878bc171c91a123643084a971
SSDEEP

24576:06FowquPvO8SW0PfjZEzOf1aSU8/ha/ZSMQugi8ndZ5G:7awMb8qJg1Qugi8ndZ5G

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

00104c976967a8c76c8eee1039fb31b0_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

00104c976967a8c76c8eee1039fb31b0_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  00104c976967a8c76c8eee1039fb31b0_NeikiAnalytics.exe
- Size
  
  991KB
- MD5
  
  00104c976967a8c76c8eee1039fb31b0
- SHA1
  
  e3d742b9051f67e985444c49d0a69e55370720b5
- SHA256
  
  2efd01bb3b0c34f27fddc7821b0ccf9e81d1b9417ce033a472c7e1fb2aa996e7
- SHA512
  
  45b3fbfed99f4a76fd2c190517c860aa5c3c8913685d174b6086840d0966d131871c4c7fd7916985cb7f262a790a00754336b60878bc171c91a123643084a971
- SSDEEP
  
  24576:06FowquPvO8SW0PfjZEzOf1aSU8/ha/ZSMQugi8ndZ5G:7awMb8qJg1Qugi8ndZ5G
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy