berbew | c5812afa52b3c7c256e36316905f691e2adc77ae3a5a7534395cb4c816d419b1 | Triage

Submit
Reports

Overview

overview

Static

static

08619ac157...cs.exe

windows7-x64

08619ac157...cs.exe

windows10-2004-x64

Sharing

General

Target

08619ac1578420c0f0bd4ad406da8110_NeikiAnalytics.exe
Size

991KB
Sample

240604-1mr9qsdd23
MD5

08619ac1578420c0f0bd4ad406da8110
SHA1

472368b4baca14d20e1cd374db65a2cf26f0ff4e
SHA256

c5812afa52b3c7c256e36316905f691e2adc77ae3a5a7534395cb4c816d419b1
SHA512

f76bdb8808186c4c2f7c57bd97749ecf8287d70f6dc110a816a57be01186f2b725f9862f3b674e77a40a0b2c295dd6aa847821405d92daae07a57994cc2616dc
SSDEEP

24576:BxlQKXIJojIj7qH3QGUONWvgQ0Ha/ZSMQugi8ndZ5G:uKDa2sE00Hg1Qugi8ndZ5G

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

08619ac1578420c0f0bd4ad406da8110_NeikiAnalytics.exe

Resource

win7-20240215-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

08619ac1578420c0f0bd4ad406da8110_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  08619ac1578420c0f0bd4ad406da8110_NeikiAnalytics.exe
- Size
  
  991KB
- MD5
  
  08619ac1578420c0f0bd4ad406da8110
- SHA1
  
  472368b4baca14d20e1cd374db65a2cf26f0ff4e
- SHA256
  
  c5812afa52b3c7c256e36316905f691e2adc77ae3a5a7534395cb4c816d419b1
- SHA512
  
  f76bdb8808186c4c2f7c57bd97749ecf8287d70f6dc110a816a57be01186f2b725f9862f3b674e77a40a0b2c295dd6aa847821405d92daae07a57994cc2616dc
- SSDEEP
  
  24576:BxlQKXIJojIj7qH3QGUONWvgQ0Ha/ZSMQugi8ndZ5G:uKDa2sE00Hg1Qugi8ndZ5G
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy