General

  • Target

    NEAS.fe49d9df97f95da7d4327d504a84a718.exe

  • Size

    240KB

  • Sample

    231028-wgswvseg69

  • MD5

    fe49d9df97f95da7d4327d504a84a718

  • SHA1

    065d119abccc0af099082610ff7fdf2521358745

  • SHA256

    3f7476c014c462d393a0cfba015f70316e206ad1746adeea28b7a9bd0601ca3c

  • SHA512

    2c8842770c4278c4879df521399e8c9654664f91f7d15a6b47feefd8571edbe031fd6913f0c2ac20208ebabe767dabfbf3476df314f102d28591d2de9c51f037

  • SSDEEP

    6144:RO6Jl8FWZo/EcAJN+SYSUZCb6M3W8DStQUkA1FiHwSD:Rrm/tycSly8DSUA1YHVD

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
