berbew | 5a263e1964484df64bd2f665f55223967f0e35dd56d90aa944bc31dec84fd4e2 | Triage

Submit
Reports

Overview

overview

Static

static

1fab2c6e63...cs.exe

windows7-x64

1fab2c6e63...cs.exe

windows10-2004-x64

Sharing

General

Target

1fab2c6e63761fb11bfc67073c1a7450_NeikiAnalytics.exe
Size

1.3MB
Sample

240527-fe3ehsgf6y
MD5

1fab2c6e63761fb11bfc67073c1a7450
SHA1

2a1700745e6b7bb49cbf63476c6afe2dc9fd2b15
SHA256

5a263e1964484df64bd2f665f55223967f0e35dd56d90aa944bc31dec84fd4e2
SHA512

2dd034d957e2118d89e9a91a22fa6cee03cd1587d2d32be6c2a9af45c70be7aa5234503aba63146fc09b214b6e1459a2e918366363776320ced00d93349db7b4
SSDEEP

24576:qVZj6AR51wrjsOBvpCphWYt/TBb4eBTWa/ZSjXuF77Lv+f6T8Qnskb2i6OBKaBWE:qV8RrJuphWYN9bjQgGXuFbq4TT+E

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

1fab2c6e63761fb11bfc67073c1a7450_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1fab2c6e63761fb11bfc67073c1a7450_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1fab2c6e63761fb11bfc67073c1a7450_NeikiAnalytics.exe
- Size
  
  1.3MB
- MD5
  
  1fab2c6e63761fb11bfc67073c1a7450
- SHA1
  
  2a1700745e6b7bb49cbf63476c6afe2dc9fd2b15
- SHA256
  
  5a263e1964484df64bd2f665f55223967f0e35dd56d90aa944bc31dec84fd4e2
- SHA512
  
  2dd034d957e2118d89e9a91a22fa6cee03cd1587d2d32be6c2a9af45c70be7aa5234503aba63146fc09b214b6e1459a2e918366363776320ced00d93349db7b4
- SSDEEP
  
  24576:qVZj6AR51wrjsOBvpCphWYt/TBb4eBTWa/ZSjXuF77Lv+f6T8Qnskb2i6OBKaBWE:qV8RrJuphWYN9bjQgGXuFbq4TT+E
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy