berbew | 4a87e78f4edaccfc8aab00a555d4e86f23be3ff07d8449c27caace289532ff45 | Triage

Submit
Reports

Overview

overview

Static

static

11d9d49d5a...cs.exe

windows7-x64

11d9d49d5a...cs.exe

windows10-2004-x64

Sharing

General

Target

11d9d49d5a09f8584901a3027b3379d0_NeikiAnalytics.exe
Size

1.3MB
Sample

240527-a6dycaac2x
MD5

11d9d49d5a09f8584901a3027b3379d0
SHA1

8e2332b03f47c7de9e4d816e25f646576921f632
SHA256

4a87e78f4edaccfc8aab00a555d4e86f23be3ff07d8449c27caace289532ff45
SHA512

4efb5a04cd2dcae9f5f23d0a50efa3d0a650fd79e4fccf2e27fb96acf8e4db8e9020ba21e2f56ed01f6750d8e303a1104b2cf4ef3aa5a36c73f9fb9112858c92
SSDEEP

24576:9b58L4uvxxCNZauljb+wga/ZSE0E77sFZTDleyVVv:918LpqN5l/+wggl0EghcyVVv

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

11d9d49d5a09f8584901a3027b3379d0_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

11d9d49d5a09f8584901a3027b3379d0_NeikiAnalytics.exe

Resource

win10v2004-20240226-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  11d9d49d5a09f8584901a3027b3379d0_NeikiAnalytics.exe
- Size
  
  1.3MB
- MD5
  
  11d9d49d5a09f8584901a3027b3379d0
- SHA1
  
  8e2332b03f47c7de9e4d816e25f646576921f632
- SHA256
  
  4a87e78f4edaccfc8aab00a555d4e86f23be3ff07d8449c27caace289532ff45
- SHA512
  
  4efb5a04cd2dcae9f5f23d0a50efa3d0a650fd79e4fccf2e27fb96acf8e4db8e9020ba21e2f56ed01f6750d8e303a1104b2cf4ef3aa5a36c73f9fb9112858c92
- SSDEEP
  
  24576:9b58L4uvxxCNZauljb+wga/ZSE0E77sFZTDleyVVv:918LpqN5l/+wggl0EghcyVVv
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy