General

  • Target

    NEAS.b737337f797844436caf3f601750ace0.exe

  • Size

    120KB

  • Sample

    231022-vz466saa76

  • MD5

    b737337f797844436caf3f601750ace0

  • SHA1

    07f35941ff8bdb34d2da9525c1c96c999e4f4ea7

  • SHA256

    56484e3af0cdb7e02eb92429854fa776b6d9ea50b069f09352acc782da47c4d3

  • SHA512

    bc71517d5e71510f1b51059e394c07a7e91ab6acdc401955454340273ce85656f5d368d89f370d04e23bdd60629c6ecc1ef6c1fbfe628c1e33f317db3754eafd

  • SSDEEP

    3072:KyWxXNeEFPC6TlNI1nrVJdeJ203H/6TC+qF1SsB1bw4AVRrd9:RW7tV3J9C81NBy9

Targets

    • Target

      NEAS.b737337f797844436caf3f601750ace0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
