General

  • Target

    3217b523b44f0a25588fe89cd21a5170_NeikiAnalytics.exe

  • Size

    1.3MB

  • Sample

    240604-f2j7fsfa62

  • MD5

    3217b523b44f0a25588fe89cd21a5170

  • SHA1

    7b99146b700faf42cc6b8543e5f0fbf998e3f58b

  • SHA256

    f08fcec11cc71795646c9a461036260b865f33a6f9f8900375c5b5e78ba77c61

  • SHA512

    6bf5d58d635b51df82004cac33d6249dfe68e1094532a62839fe99aab1ee2288bd99d6d9543f6499526645ec165757c0c56d9b9dbf0ef67605354f3e948fccc9

  • SSDEEP

    24576:y/4p98H0LanZuASpbwYb3v7TCa/ZSjXuF77Lv+f6T8Qnskb2i6OBKaBWvM:y0zanU79jvCgGXuFbq4TT+E

Targets

    • Target

      3217b523b44f0a25588fe89cd21a5170_NeikiAnalytics.exe

    • Score

      10/10

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Subvert Trust Controls, T1553 (1)

  • Install Root Certificate, T1553.004 (1)

  • Modify Registry, T1112 (1)

Command and Control

  • Web Service, T1102 (1)
