Overview

overview

10

Static

static

10

0bdd2f8a73...cs.exe

windows7-x64

10

0bdd2f8a73...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0bdd2f8a734d4a2e3e47543a67e102b0_NeikiAnalytics.exe

  • Size

    172KB

  • Sample

    240526-sesljabc39

  • MD5

    0bdd2f8a734d4a2e3e47543a67e102b0

  • SHA1

    dc88479eb9a72d83b90e64675fd65d5e8730f89a

  • SHA256

    b99b1f442a7c9dddfb33e3e9231e3fa2ec0ad29558af5357a4a3a3802dbd2ed0

  • SHA512

    dfdcd8ee91bd0551876d5d360f5b8505f7256573286d508053729a5af9ee6753b2ad2c075e85e35ea8aae83c44f7082ae721c00c453e23aaf05222ee37a1d482

  • SSDEEP

    3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yTn:EmVnkG7Rx1Ui7F9RuOO48iJH0qr

Score
10/10
berbewbackdoordropperevasiontrojanupx

Malware Config

Targets

    • Target

      0bdd2f8a734d4a2e3e47543a67e102b0_NeikiAnalytics.exe

    • Size

      172KB

    • MD5

      0bdd2f8a734d4a2e3e47543a67e102b0

    • SHA1

      dc88479eb9a72d83b90e64675fd65d5e8730f89a

    • SHA256

      b99b1f442a7c9dddfb33e3e9231e3fa2ec0ad29558af5357a4a3a3802dbd2ed0

    • SHA512

      dfdcd8ee91bd0551876d5d360f5b8505f7256573286d508053729a5af9ee6753b2ad2c075e85e35ea8aae83c44f7082ae721c00c453e23aaf05222ee37a1d482

    • SSDEEP

      3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yTn:EmVnkG7Rx1Ui7F9RuOO48iJH0qr

    Score
    10/10
    backdoordropperevasiontrojanupx

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

      backdoortrojandropper

    • Modifies visibility of file extensions in Explorer

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks