Overview

overview

10

Static

static

10

NEAS.2f1be...JC.exe

windows7-x64

10

NEAS.2f1be...JC.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.2f1be21cdf8b5a8b5e3be2ddcb3ba2c0_JC.exe

  • Size

    252KB

  • MD5

    2f1be21cdf8b5a8b5e3be2ddcb3ba2c0

  • SHA1

    3d96bae367f68a6d47ef5a41bdf854797b33f5d5

  • SHA256

    08922e2cdadc17bc19ce9eedb395b29c5ae2ade0c07344db08f84c833325e5db

  • SHA512

    cf3ce177176690662a1d1a40f350003700a6c2fa5cc280e023d0f368153bed516ee58ecc8d611692092767ee1de225821048f9a5f83cea75fe400d218b3c0bfe

  • SSDEEP

    3072:jKcWmjRrz3SD3nusaYAuJ9yKcWmjRrz3sieVcui+xAkjCSLlQcTKvtEh6xCnrHAI:YGyXldXZGsieA+xnmSJKlEh6YrgsM8

Score
10/10
upxpersistencedroppertrojanberbew

Malware Config

Signatures

  • Berbew family
    berbew
  • Malware Backdoor - Berbew 1 IoCs

    Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    persistencedroppertrojan
  • Patched UPX-packed file 1 IoCs

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.2f1be21cdf8b5a8b5e3be2ddcb3ba2c0_JC.exe
    .exe windows:5 windows x86


    Headers

    Sections