berbew | d8087907708cca71e4131c0e3c4c1bc0457782f2da7a726d4b8250f844e81037 | Triage

Submit
Reports

Overview

overview

Static

static

08b34718c7...cs.exe

windows7-x64

08b34718c7...cs.exe

windows10-2004-x64

Sharing

General

Target

08b34718c7d62a8c51287b2afd9290d0_NeikiAnalytics.exe
Size

172KB
Sample

240604-1nttyscf5s
MD5

08b34718c7d62a8c51287b2afd9290d0
SHA1

61ace687aa5b18c01f26a7a37edcb28cbee0beac
SHA256

d8087907708cca71e4131c0e3c4c1bc0457782f2da7a726d4b8250f844e81037
SHA512

227ffd2708822943a87c16f5368575d532e0af5ae983ce598eabf49aa6210f5a33bc2ca1d00937c84f7b84b352f5c395236126b4003132f9912c9ef5baef1724
SSDEEP

3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yTl:EmVnkG7Rx1Ui7F9RuOO48iJH0qp

Score

10^/10

berbew backdoor dropper evasion trojan upx

Static task

static1

upx backdoor trojan dropper berbew

4 signatures

Behavioral task

behavioral1

Sample

08b34718c7d62a8c51287b2afd9290d0_NeikiAnalytics.exe

Resource

win7-20240215-en

backdoor dropper evasion trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

08b34718c7d62a8c51287b2afd9290d0_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

backdoor dropper evasion trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  08b34718c7d62a8c51287b2afd9290d0_NeikiAnalytics.exe
- Size
  
  172KB
- MD5
  
  08b34718c7d62a8c51287b2afd9290d0
- SHA1
  
  61ace687aa5b18c01f26a7a37edcb28cbee0beac
- SHA256
  
  d8087907708cca71e4131c0e3c4c1bc0457782f2da7a726d4b8250f844e81037
- SHA512
  
  227ffd2708822943a87c16f5368575d532e0af5ae983ce598eabf49aa6210f5a33bc2ca1d00937c84f7b84b352f5c395236126b4003132f9912c9ef5baef1724
- SSDEEP
  
  3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yTl:EmVnkG7Rx1Ui7F9RuOO48iJH0qp
Score

10^/10

backdoor dropper evasion trojan upx
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

upxbackdoortrojandropperberbew

behavioral1

backdoordropperevasiontrojanupx

behavioral2

backdoordropperevasiontrojanupx

© 2018-2024

Terms | Privacy