berbew | f9f19f07a5996f19be240df6c403f571898a2cdb9b2d379dd8d0966694b233c9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

69d9be638f...cs.exe

windows7-x64

69d9be638f...cs.exe

windows10-2004-x64

Sharing

General

Target

69d9be638f02536a48e42f4d1ef28960_NeikiAnalytics.exe
Size

251KB
Sample

240530-1sqcbsca33
MD5

69d9be638f02536a48e42f4d1ef28960
SHA1

f962f39ce5e07410b9c255290b4f408e67829f51
SHA256

f9f19f07a5996f19be240df6c403f571898a2cdb9b2d379dd8d0966694b233c9
SHA512

e4302773a46cc376a12b8a397c7263cfdc5164c186c826133f1c8c08e9364a25eded2e0b293e6ee7efbc85a4f620dbe90ea1d183a628e44d7e3a55b93ca6c9a9
SSDEEP

3072:chOmTsF93UYfwC6GIoutieyhC2lbgGi5yLpcgDE4JBuItR8pTsgZ9WT4iaz+H:ccm4FmowdHoSi9EIBftapTs4WZazY

Score

10^/10

berbew blackmoon backdoor banker dropper trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

69d9be638f02536a48e42f4d1ef28960_NeikiAnalytics.exe

Resource

win7-20240419-en

blackmoon backdoor banker dropper trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

69d9be638f02536a48e42f4d1ef28960_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon backdoor banker dropper trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  69d9be638f02536a48e42f4d1ef28960_NeikiAnalytics.exe
- Size
  
  251KB
- MD5
  
  69d9be638f02536a48e42f4d1ef28960
- SHA1
  
  f962f39ce5e07410b9c255290b4f408e67829f51
- SHA256
  
  f9f19f07a5996f19be240df6c403f571898a2cdb9b2d379dd8d0966694b233c9
- SHA512
  
  e4302773a46cc376a12b8a397c7263cfdc5164c186c826133f1c8c08e9364a25eded2e0b293e6ee7efbc85a4f620dbe90ea1d183a628e44d7e3a55b93ca6c9a9
- SSDEEP
  
  3072:chOmTsF93UYfwC6GIoutieyhC2lbgGi5yLpcgDE4JBuItR8pTsgZ9WT4iaz+H:ccm4FmowdHoSi9EIBftapTs4WZazY
Score

10^/10

blackmoon backdoor banker dropper trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

blackmoonbackdoorbankerdroppertrojanupx

behavioral2

blackmoonbackdoorbankerdroppertrojanupx

© 2018-2025

Terms | Privacy