berbew | eeab4b1f2d4cdae31be6c4d26877c5235bc38ebd44b9a0123fd75951300caa33 | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.db73d...10.exe

windows7-x64

NEAS.db73d...10.exe

windows10-2004-x64

Sharing

General

Target

NEAS.db73d15dbb8f247b24f7e41904aa6c10.exe
Size

82KB
Sample

231028-y15qwabg4s
MD5

db73d15dbb8f247b24f7e41904aa6c10
SHA1

36157d8fb44e903dd2000e56db3e7da2b149f6bf
SHA256

eeab4b1f2d4cdae31be6c4d26877c5235bc38ebd44b9a0123fd75951300caa33
SHA512

e835293aefa40a547f51e6371a243ffab211a8c2472b91c76bb6495e619c881206367fa83291cb0da850a70259f6eb0e741bd1f8c8c817dddfbcab712026eb45
SSDEEP

1536:tKNEsWXvsfbyvosEhlOvmq6uyIVP2L7Xpm6+wDSmQFN6TiN1sJtvQu:oFW/sfDsEymqQjDpm6tm7N6TO1SpD

Score

10^/10

berbew dropper persistence trojan

Static task

static1

persistence dropper trojan berbew

3 signatures

Behavioral task

behavioral1

Sample

NEAS.db73d15dbb8f247b24f7e41904aa6c10.exe

Resource

win7-20231020-en

dropper persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.db73d15dbb8f247b24f7e41904aa6c10.exe

Resource

win10v2004-20231023-en

dropper persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.db73d15dbb8f247b24f7e41904aa6c10.exe
- Size
  
  82KB
- MD5
  
  db73d15dbb8f247b24f7e41904aa6c10
- SHA1
  
  36157d8fb44e903dd2000e56db3e7da2b149f6bf
- SHA256
  
  eeab4b1f2d4cdae31be6c4d26877c5235bc38ebd44b9a0123fd75951300caa33
- SHA512
  
  e835293aefa40a547f51e6371a243ffab211a8c2472b91c76bb6495e619c881206367fa83291cb0da850a70259f6eb0e741bd1f8c8c817dddfbcab712026eb45
- SSDEEP
  
  1536:tKNEsWXvsfbyvosEhlOvmq6uyIVP2L7Xpm6+wDSmQFN6TiN1sJtvQu:oFW/sfDsEymqQjDpm6tm7N6TO1SpD
Score

10^/10

dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

persistencedroppertrojanberbew

behavioral1

dropperpersistencetrojan

behavioral2

dropperpersistencetrojan

© 2018-2025

Terms | Privacy