General

  • Target

    NEAS.0c09a81548b3cc7f6dae332cfd63f5b0.exe

  • Size

    404KB

  • Sample

    231101-q6pb3she9w

  • MD5

    0c09a81548b3cc7f6dae332cfd63f5b0

  • SHA1

    43f98a17b934417e44edf6906c6c337d07e34757

  • SHA256

    8854685c065c863e357542cf09d37a2dc4aa7243713f52b14414a762b4ddbbc7

  • SHA512

    25339a9395afe57555ceb7fcd9443e3c70d1325edd74c8fd57d6243ead96a3a3a55b021c73c1bd0a073547d7285a00123ae0f3eb33def2dab22a7e135c1e1dd9

  • SSDEEP

    12288:5JMiGDZOXwcMpV6yYP4rbpV6yYPg058KS:hGDZOXwcMW4XWleKS

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
