berbew | 0e15d9018745b1791f1b2f84446bcc62e656ffcf6aa0aa9c620575c0c26f1cd0 | Triage

Submit
Reports

Overview

overview

Static

static

f9199c7c90...cs.exe

windows7-x64

f9199c7c90...cs.exe

windows10-2004-x64

Sharing

General

Target

f9199c7c90e9b6309abebd8742250840_NeikiAnalytics.exe
Size

464KB
Sample

240526-pgtd3ace45
MD5

f9199c7c90e9b6309abebd8742250840
SHA1

c17f194f213dcc3a1fed14d7c4be3d20bf71dd6a
SHA256

0e15d9018745b1791f1b2f84446bcc62e656ffcf6aa0aa9c620575c0c26f1cd0
SHA512

a13074e7850a492c54b43db4384d47c17e88fa11938916a68c538e2a0f3f6e097896a00930c3553ccea6ce53ecb2f8a9584f466ba86f6b2c20b38dd59863d89d
SSDEEP

12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1VQ:VeR0oykayRFp3lztP+OKaf1VQ

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

f9199c7c90e9b6309abebd8742250840_NeikiAnalytics.exe

Resource

win7-20240508-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f9199c7c90e9b6309abebd8742250840_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  f9199c7c90e9b6309abebd8742250840_NeikiAnalytics.exe
- Size
  
  464KB
- MD5
  
  f9199c7c90e9b6309abebd8742250840
- SHA1
  
  c17f194f213dcc3a1fed14d7c4be3d20bf71dd6a
- SHA256
  
  0e15d9018745b1791f1b2f84446bcc62e656ffcf6aa0aa9c620575c0c26f1cd0
- SHA512
  
  a13074e7850a492c54b43db4384d47c17e88fa11938916a68c538e2a0f3f6e097896a00930c3553ccea6ce53ecb2f8a9584f466ba86f6b2c20b38dd59863d89d
- SSDEEP
  
  12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1VQ:VeR0oykayRFp3lztP+OKaf1VQ
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2024

Terms | Privacy