berbew | 682b9d5f4e972940de54d6812257c725be1871bfeb202d1eae1e33d06a6418c1 | Triage

Submit
Reports

Overview

overview

Static

static

505183ef2c...cs.exe

windows7-x64

505183ef2c...cs.exe

windows10-2004-x64

Sharing

General

Target

505183ef2c8570bf8028f8d1e944cb60_NeikiAnalytics.exe
Size

1004KB
Sample

240605-mh8t2ada5w
MD5

505183ef2c8570bf8028f8d1e944cb60
SHA1

a21963da4eb3f7f75893fe5cbb2ebd5323b1bc56
SHA256

682b9d5f4e972940de54d6812257c725be1871bfeb202d1eae1e33d06a6418c1
SHA512

de1949de9d5623b038028bae34e9a93a5a7d11e9fed4abd93f71a6f7890fa1b673c5c200febbb32344425a81331dffc0aab83ce743cf091e03706c0e59b29b46
SSDEEP

24576:QkdIHFimTWuSi5FFyPrpXsok09exEOiX0a/ZSCBHn677:QKIHFRSiIlpk099OiX0gVBHn6

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

505183ef2c8570bf8028f8d1e944cb60_NeikiAnalytics.exe

Resource

win7-20240221-en

backdoor dropper trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

505183ef2c8570bf8028f8d1e944cb60_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

backdoor dropper trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  505183ef2c8570bf8028f8d1e944cb60_NeikiAnalytics.exe
- Size
  
  1004KB
- MD5
  
  505183ef2c8570bf8028f8d1e944cb60
- SHA1
  
  a21963da4eb3f7f75893fe5cbb2ebd5323b1bc56
- SHA256
  
  682b9d5f4e972940de54d6812257c725be1871bfeb202d1eae1e33d06a6418c1
- SHA512
  
  de1949de9d5623b038028bae34e9a93a5a7d11e9fed4abd93f71a6f7890fa1b673c5c200febbb32344425a81331dffc0aab83ce743cf091e03706c0e59b29b46
- SSDEEP
  
  24576:QkdIHFimTWuSi5FFyPrpXsok09exEOiX0a/ZSCBHn677:QKIHFRSiIlpk099OiX0gVBHn6
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy