General

  • Target

    NEAS.c6a945961b89cc732b403964ac7bcf20.exe

  • Size

    487KB

  • Sample

    231101-rm6mpaff9y

  • MD5

    c6a945961b89cc732b403964ac7bcf20

  • SHA1

    61bba9ce59ee0eab2ddca951b91422ca92a5dbe0

  • SHA256

    10f4419c65dc6bb80643ceccf09a4615a3b3578e477cdf9ca2b6cb18f27bcbba

  • SHA512

    85fdd057ca1c3eed31cf8087164bbcae83b9ac18bc52171052c394b8a17e06d8744a6b3a578ce86ca40920b5def944feb42dc5679b2f0745a072b87878fd9a91

  • SSDEEP

    12288:SeDpkpV6yYPI3cpV6yYPZ0PVdvcY9+8hk5PDtJNBcL/v610yiqo4Z:ZkWHWZ0PVdvcY9+8hk5DtJNBcL/C10dM

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
