berbew | 8613f9f54d3f12d24dde0913573deb9f4bdbaaf80b258552995650f520d0d2e8 | Triage

Submit
Reports

Overview

overview

Static

static

25a56fc2f3...cs.exe

windows7-x64

25a56fc2f3...cs.exe

windows10-2004-x64

Sharing

General

Target

25a56fc2f3b4fb0c1e4aa30e19942010_NeikiAnalytics.exe
Size

1.2MB
Sample

240527-jk9ybscg4x
MD5

25a56fc2f3b4fb0c1e4aa30e19942010
SHA1

7ace057643643d625851cd015bf0efb799add416
SHA256

8613f9f54d3f12d24dde0913573deb9f4bdbaaf80b258552995650f520d0d2e8
SHA512

d47e0d2deefc32c23c968574d4f35f921a5d0869f5e4e540424a8beadce796902a7dc83bcb2255bb06b08adf446db43a6dc1382438c513aaca525367ee9301c6
SSDEEP

24576:rb2R+g8vyFXEMN8kQbt101CmY7cbGJr9P1kvxQtpEsdyayqbvI6rpmoEFFgPxoir:/2R+n4wXrBtgRg6NkDObltUt

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

25a56fc2f3b4fb0c1e4aa30e19942010_NeikiAnalytics.exe

Resource

win7-20240215-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

25a56fc2f3b4fb0c1e4aa30e19942010_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  25a56fc2f3b4fb0c1e4aa30e19942010_NeikiAnalytics.exe
- Size
  
  1.2MB
- MD5
  
  25a56fc2f3b4fb0c1e4aa30e19942010
- SHA1
  
  7ace057643643d625851cd015bf0efb799add416
- SHA256
  
  8613f9f54d3f12d24dde0913573deb9f4bdbaaf80b258552995650f520d0d2e8
- SHA512
  
  d47e0d2deefc32c23c968574d4f35f921a5d0869f5e4e540424a8beadce796902a7dc83bcb2255bb06b08adf446db43a6dc1382438c513aaca525367ee9301c6
- SSDEEP
  
  24576:rb2R+g8vyFXEMN8kQbt101CmY7cbGJr9P1kvxQtpEsdyayqbvI6rpmoEFFgPxoir:/2R+n4wXrBtgRg6NkDObltUt
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy