Overview

overview

10

Static

static

10

NEAS.e61f6...30.exe

windows7-x64

10

NEAS.e61f6...30.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e61f659fba1d39b3b14297025eff9130.exe

  • Size

    82KB

  • Sample

    231022-v3sybaca26

  • MD5

    e61f659fba1d39b3b14297025eff9130

  • SHA1

    a0cb78901b9f953500bdd1f383dfadf6be4c4950

  • SHA256

    0947b7b09e53d5462edef2e112689630218c97b9d0b07305a6c714b3236a66dd

  • SHA512

    6c746d76df6710bdcdaad26cc0351ee7daefa4323d561de3e1efe0de575eab427ddddbe0090e9d91e7b7b382077b9a9cd9d279b093a7f0f6f8f13b897200730c

  • SSDEEP

    1536:hIYqEtOzhN41+Dsa8Aa5XNOLzu2L7epm6+wDSmQFN6TiN1sJtvQu:JqWOj4sDTz3qpm6tm7N6TO1SpD

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.e61f659fba1d39b3b14297025eff9130.exe

    • Size

      82KB

    • MD5

      e61f659fba1d39b3b14297025eff9130

    • SHA1

      a0cb78901b9f953500bdd1f383dfadf6be4c4950

    • SHA256

      0947b7b09e53d5462edef2e112689630218c97b9d0b07305a6c714b3236a66dd

    • SHA512

      6c746d76df6710bdcdaad26cc0351ee7daefa4323d561de3e1efe0de575eab427ddddbe0090e9d91e7b7b382077b9a9cd9d279b093a7f0f6f8f13b897200730c

    • SSDEEP

      1536:hIYqEtOzhN41+Dsa8Aa5XNOLzu2L7epm6+wDSmQFN6TiN1sJtvQu:JqWOj4sDTz3qpm6tm7N6TO1SpD

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks