berbew | NEAS[.]d20384f94246e2bb3fcc0cf4ec6cafa0[.]exe

General

Target

NEAS.d20384f94246e2bb3fcc0cf4ec6cafa0.exe
Size

331KB
MD5

d20384f94246e2bb3fcc0cf4ec6cafa0
SHA1

8d5406d2d525fa9fb49a5cb3642b7f96d96163fe
SHA256

a3f2ff98bfaa7dc85fc5916b8dbea81aafa8e3a30516d1e69863821375f384ae
SHA512

14cb553d8d6a09cc3f66104ad32cf9e2183fd60562585c4f5a1c2d3f1956053c4c446ca592693a54b4e771da8f070c1a3fb8986aa4ee67f3cb0ec74d33eb566c
SSDEEP

6144:8s4KHcj/uLEGZoy/58rmUsUdcgXmkEjBzC+j/ijiOW3QSNg2WXC0L2zfkf:8sxkuLRhMdcgXmkczCSijiOmQSbCCXG

Score

10^/10

persistence dropper trojan berbew

Malware Config

Signatures

Berbew family
berbew

Malware Backdoor - Berbew 1 IoCs

Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

persistence dropper trojan

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d20384f94246e2bb3fcc0cf4ec6cafa0.exe

Files

NEAS.d20384f94246e2bb3fcc0cf4ec6cafa0.exe
.exe windows:6 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 144KB - Virtual size: 60KB

Size: 228KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA

Size: - Virtual size:

Size: 163KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

 Size: 144KB - Virtual size: 60KB

Size: 228KB - Virtual size: 4B

���� Size: - Virtual size:

Size: - Virtual size:

Size: 163KB - Virtual size:

Size: 144KB - Virtual size: 60KB

��
Size: - Virtual size: