Overview

overview

10

Static

static

10

NEAS.baf05...e0.exe

windows7-x64

10

NEAS.baf05...e0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.baf059dbf74a050a86a45fce66fe2ce0.exe

  • Size

    79KB

  • Sample

    231021-1ckf5sad94

  • MD5

    baf059dbf74a050a86a45fce66fe2ce0

  • SHA1

    cf75a0d27a47f1789e7f035e0e20110a2eca4482

  • SHA256

    d576ff4260f5c6b48d263e5916731a1ee6fdec56de4c4928ad44c1b8e356f46b

  • SHA512

    a46939a20f3efe0cda81fbc72e152b1259e5c9c690e36bbd714f694336b5cc6959fc1f7629ffbe738a9207f8d18d29ebf29fc3df6a086f34be8c236192d29cf2

  • SSDEEP

    1536:a/l78LhqSYLuzs9I0Yvfgc7ZrI1jHJZrR:mh8Ljipnofgqu1jHJ9R

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.baf059dbf74a050a86a45fce66fe2ce0.exe

    • Size

      79KB

    • MD5

      baf059dbf74a050a86a45fce66fe2ce0

    • SHA1

      cf75a0d27a47f1789e7f035e0e20110a2eca4482

    • SHA256

      d576ff4260f5c6b48d263e5916731a1ee6fdec56de4c4928ad44c1b8e356f46b

    • SHA512

      a46939a20f3efe0cda81fbc72e152b1259e5c9c690e36bbd714f694336b5cc6959fc1f7629ffbe738a9207f8d18d29ebf29fc3df6a086f34be8c236192d29cf2

    • SSDEEP

      1536:a/l78LhqSYLuzs9I0Yvfgc7ZrI1jHJZrR:mh8Ljipnofgqu1jHJ9R

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks