General

  • Target

    NEAS.a2fcab4b2838328785984948682bb310.exe

  • Size

    133KB

  • Sample

    231021-1a9cgsfg91

  • MD5

    a2fcab4b2838328785984948682bb310

  • SHA1

    ae7939540b81fd534c6c25ccf38c9c8cf3ff01bc

  • SHA256

    56c675d60448c4dab90c27a8b581a157e95e78062ac58394ea4398f56bfdf4e8

  • SHA512

    9d52d53815803f73217692e8d97382f166b6115f5de912ed817f3e6f83aac2d6c47d14c216642886db19625cee775b05ab012be439c3a9fce7fa0b2c43d29cae

  • SSDEEP

    1536:mMf5Z6SgC45qjzEgQjILQ9FKGXllUDtM60TD4ruhiZlrQIFiglF9xZ95whDFTa:Vf/6SQkEnKG7UDd0pCrQIFdFtLwzTa

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
