General

  • Target

    NEAS.5731b76a5519ad9f9c7147692977c3e0.exe

  • Size

    368KB

  • Sample

    231101-rf8hpsca8w

  • MD5

    5731b76a5519ad9f9c7147692977c3e0

  • SHA1

    83b8c04f43217d6f795a47cf5e46440d62efd68e

  • SHA256

    f7ec37c806132df85cfde29f525e34938128dc94516a62560504bdb71412ca15

  • SHA512

    685efe9807b4ae21c61397ba2e808658b707a709338d9016a3a7b33f1045e6b96d2752013111ce4c53d1bd77fee41f29a0418cf497e8af13009f65c5625465f8

  • SSDEEP

    6144:OgEmLU8DubBE4f9FIUpOVw86CmOJfTo9FIUIhrcflDMxy9FIUpOVw86CmOJfTo9t:ZE+UMaAD6RrI1+lDMEAD6Rr2NWL

Malware Config

Targets

    • Target

      NEAS.5731b76a5519ad9f9c7147692977c3e0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks