General

  • Target

    NEAS.f72a627c3a35c9008ee10233c2bf7420.exe

  • Size

    256KB

  • Sample

    231028-y3vcxsef55

  • MD5

    f72a627c3a35c9008ee10233c2bf7420

  • SHA1

    3f0d5ff7702d0f4cfc1e175281e71682653b26f4

  • SHA256

    155bb3e70d2c75e9d64368692c79f7e7635398d275e69731a37cacc1b559dba5

  • SHA512

    44e05a6bbb24859894c0140277b472d3d068243fefe1b62173d14aafbe44ae9bf5b3d7dc91f68362190a02e98f57667fb307a2c3d02ef47d6929c67b95673944

  • SSDEEP

    6144:tVfo9PYWVjlpmmxieQbWGRdA6sQc/Yp7TVX3J/1awbWGRdA6sQc/YRU:L4L9lpJxifbWGRdA6sQhPbWGRdA6sQxU

Targets

    • Target

      NEAS.f72a627c3a35c9008ee10233c2bf7420.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
