General

  • Target

    NEAS.f950005c09a6298bd3d2a7d63d72b91d.exe

  • Size

    113KB

  • Sample

    231028-wgsabsdb4x

  • MD5

    f950005c09a6298bd3d2a7d63d72b91d

  • SHA1

    55403f341d2f6ed373c90eae5d0a6d52b235499c

  • SHA256

    0bda728f233ef3e12374580ceda603fb87afea515d7254635e30f465858109d8

  • SHA512

    02402522567ec072866ff05413db9ca3d2ee3bdd3807c5d51a2fd0862a8dcc84143c1f93e13e5040801cfc2549c4b020c138ec2c41bb8ded950eb304127c7800

  • SSDEEP

    1536:gHI7BjQBA+ys8HDcKoN4tO617DWkZFfScD7SzCbHWrAW8wTWiliX:XljSAcRN0OuGkZFfFSebHWrH8wTW0

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory