berbew | 3a8e4717b85572e91e3adf10ae094f9ba846e5e2ead1ef54f759800ea59067f8 | Triage

Submit
Reports

Overview

overview

Static

static

1d48e906cd...cs.exe

windows7-x64

1d48e906cd...cs.exe

windows10-2004-x64

Sharing

General

Target

1d48e906cd1cf0af7a391ec1becb7950_NeikiAnalytics.exe
Size

1.2MB
Sample

240526-xhntzagb5v
MD5

1d48e906cd1cf0af7a391ec1becb7950
SHA1

f452f766bc9d89abd584c3b982ad49700eaec161
SHA256

3a8e4717b85572e91e3adf10ae094f9ba846e5e2ead1ef54f759800ea59067f8
SHA512

d5bd5099c95cccda206242e140173a413d9f5cb97d45b29777522fc04f274548bbe7f83370d3fc746c0789d8f49084a5ce94b841f42531a93eafc8dd361420d8
SSDEEP

24576:4fIEerrf5D+daoyUTIYKE4+j2m/F3Va/ZSua/JXINkDbC77Lv+f6T8ytUmmlD:lEy5D+U1YjfgRg6NkDObltUt

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

1d48e906cd1cf0af7a391ec1becb7950_NeikiAnalytics.exe

Resource

win7-20240508-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d48e906cd1cf0af7a391ec1becb7950_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1d48e906cd1cf0af7a391ec1becb7950_NeikiAnalytics.exe
- Size
  
  1.2MB
- MD5
  
  1d48e906cd1cf0af7a391ec1becb7950
- SHA1
  
  f452f766bc9d89abd584c3b982ad49700eaec161
- SHA256
  
  3a8e4717b85572e91e3adf10ae094f9ba846e5e2ead1ef54f759800ea59067f8
- SHA512
  
  d5bd5099c95cccda206242e140173a413d9f5cb97d45b29777522fc04f274548bbe7f83370d3fc746c0789d8f49084a5ce94b841f42531a93eafc8dd361420d8
- SSDEEP
  
  24576:4fIEerrf5D+daoyUTIYKE4+j2m/F3Va/ZSua/JXINkDbC77Lv+f6T8ytUmmlD:lEy5D+U1YjfgRg6NkDObltUt
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy