General

  • Target

    NEAS.f0a1a15ddceb9f7467a1d1f4e3bc0100.exe

  • Size

    482KB

  • Sample

    231028-y3d1yaec97

  • MD5

    f0a1a15ddceb9f7467a1d1f4e3bc0100

  • SHA1

    3f4f86bd5faa8c4a6f998706cfe4d9c2490b2b7b

  • SHA256

    9eaa8dbc18cbba2182412ed3badebbc4ab6a9ba0cc0d7947d7b67accc6fc1b45

  • SHA512

    a8cde654b36107ae464f49f9410cda61e887b00b2fa4f434614070b599c42f52a787a25760bd8a4c57dc4833012901ebcb75de4fd2a97aee57561d95bd1c6cef

  • SSDEEP

    12288:gYMXSHo/JSLrpV6yYP4rbpV6yYPg058KpV6yYP8OThj:gzJSLrW4XWleKW8OThj

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
