General

  • Target

    NEAS.38bc3ca4fcc78b2e59b60ec001349640.exe

  • Size

    120KB

  • Sample

    231101-q9fjcach92

  • MD5

    38bc3ca4fcc78b2e59b60ec001349640

  • SHA1

    2e5126202b84a94ad6bab608124cf4256d579e5f

  • SHA256

    d09ed71b79e942ab03c21c5bfc97d33bea7871bade0b72ff6b52eb2f89a375c0

  • SHA512

    6b755ecd531ba28bd76eee0dee38fc15d5a32ece87a67839c58b330bb29388df62b7085fb9611a9cf0e1bc767080bca7d82bfd561234abdf8e95d2180f31d023

  • SSDEEP

    3072:6liuCmcWfowCKc28qe5203H/6TC+qF1SsB1bw4AVRrd9:kiRmcYowBO59C81NBy9

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
