General

  • Target

    NEAS.d09ea117f9192bff2125bdec38bb8b4d_JC.exe

  • Size

    67KB

  • Sample

    231023-wzlv9scd61

  • MD5

    d09ea117f9192bff2125bdec38bb8b4d

  • SHA1

    0c722ed2b1f47f494d6b8fd897a18d2997ae7cab

  • SHA256

    4bcc2aefbc20343800f9029d499e5cd05afbe0350d735e39d9fae524bb197fce

  • SHA512

    f57d7cb894ffb363aeaaebe007c28094b8b1336bbfaf44767a0604699af1505a73efbb5c606d7a0ede777cce584e37b5fe7fd5198127a3111e90f4fd772d8e79

  • SSDEEP

    1536:+PPcaL029FrlPDwLlrKM7p/rLsRHTz2KsJifTduD4oTxw:iPcaL029FrlLOrKM78zaKsJibdMTxw

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
