berbew | b0aba5f6695c30279425d442f16b91dc849a3b070a84d75c0c8dcd54123a5989 | Triage

Submit
Reports

Overview

overview

Static

static

9d7fcb2379...cs.exe

windows7-x64

9d7fcb2379...cs.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

9d7fcb23799320643f6ccbd925ed9a30_NeikiAnalytics.exe
Size

128KB
Sample

240603-gesezsde61
MD5

9d7fcb23799320643f6ccbd925ed9a30
SHA1

36bdca0d96140c0be873199e5c8647f2e7e902f3
SHA256

b0aba5f6695c30279425d442f16b91dc849a3b070a84d75c0c8dcd54123a5989
SHA512

fc8964969dcc8b61818d3190dff6f83eb0da6f24a282fd60cc9dd8faffdec7abef71515927d51b12e0e4c8622b9b0b000fcab7a5e82f6acbb7bb64364dd6f79b
SSDEEP

1536:qomisaVH4SxfUmMg/BF9mIByr9JtxHKJgReW5RQDORfRa9HprmRfRJCLIXG:qmvHdh/9oH5peDO5wkpHxG

Score

10^/10

berbew backdoor dropper persistence trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

9d7fcb23799320643f6ccbd925ed9a30_NeikiAnalytics.exe

Resource

win7-20231129-en

backdoor dropper persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9d7fcb23799320643f6ccbd925ed9a30_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9d7fcb23799320643f6ccbd925ed9a30_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  9d7fcb23799320643f6ccbd925ed9a30
- SHA1
  
  36bdca0d96140c0be873199e5c8647f2e7e902f3
- SHA256
  
  b0aba5f6695c30279425d442f16b91dc849a3b070a84d75c0c8dcd54123a5989
- SHA512
  
  fc8964969dcc8b61818d3190dff6f83eb0da6f24a282fd60cc9dd8faffdec7abef71515927d51b12e0e4c8622b9b0b000fcab7a5e82f6acbb7bb64364dd6f79b
- SSDEEP
  
  1536:qomisaVH4SxfUmMg/BF9mIByr9JtxHKJgReW5RQDORfRa9HprmRfRJCLIXG:qmvHdh/9oH5peDO5wkpHxG
Score

10^/10

backdoor dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordropperpersistencetrojan

behavioral2

backdoordropperpersistencetrojan

© 2018-2025

Terms | Privacy