9626ff8e41ba58aaf2e425d3de3de89bd8cfdd593b61a205b71554dba6224403

Analysis

max time kernel
0s
max time network
2s
platform
windows7_x64
resource
win7-20231025-en
resource tags

arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
submitted
28/10/2023, 20:14

Sharing

Copy URL

Twitter E-mail

Reason

Reading agent response: Timeout while submitting payload

Report Analysis Logs

General

Target

NEAS.cdc3a561aa9c8d2c5790aaafeb35e9d0.exe
Size

168KB
MD5

cdc3a561aa9c8d2c5790aaafeb35e9d0
SHA1

dd677299d2f51595c23ace529d0558460ba29885
SHA256

9626ff8e41ba58aaf2e425d3de3de89bd8cfdd593b61a205b71554dba6224403
SHA512

972e4c7bff89f934b07fb6635bff5d747014d6354cfd2491e9832219601a70e8c53c75889fd20836a83ac8f53ec5dba90c99b81dbb00a7174bf5427a143627f4
SSDEEP

1536:9eT7BVwxfvEFwjRbe+X9nw0lRxNm1V2UrEN7gJMVr/:9mVwRKCbe+X5lR302U4ke

Score

10^/10

dropper persistence trojan upx

Malware Config

Signatures

Malware Backdoor - Berbew 1 IoCs

Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

persistence dropper trojan

resource	yara_rule
behavioral1/memory/2440-0-0x0000000000400000-0x000000000042A000-memory.dmp	family_berbew

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2440-0-0x0000000000400000-0x000000000042A000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\NEAS.cdc3a561aa9c8d2c5790aaafeb35e9d0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.cdc3a561aa9c8d2c5790aaafeb35e9d0.exe"
1⤵
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2440-0-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download