Overview

overview

10

Static

static

10

NEAS.e7e04...40.exe

windows7-x64

10

NEAS.e7e04...40.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e7e048e8b8a55e6d46d41b0441c24940.exe

  • Size

    273KB

  • Sample

    231101-rp618sha7t

  • MD5

    e7e048e8b8a55e6d46d41b0441c24940

  • SHA1

    a54461f16d9d116a4cf65d96003083fe0db161d4

  • SHA256

    483c39df5f01e1e6a821e1868b3e17c330ce131030fcdd98f6ec76ed697f1065

  • SHA512

    24b0ce5fbaa8d6e83c0d989cfce9e262e961540cfeaff152cecf41b7b9543bc61676af3a195bef653525c90933e402bb4c79c86e3d1e1c1faa5f1f3e4e00c21f

  • SSDEEP

    6144:El+wl+jwZTDdiV1iL+9MD/nLSIV8yw7U3FtDgc67nTGbNOspACO63+VGzJnw9wIy:xxwBg1iL2KPL7Syw72dpSQos2c+VGzJ5

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.e7e048e8b8a55e6d46d41b0441c24940.exe

    • Size

      273KB

    • MD5

      e7e048e8b8a55e6d46d41b0441c24940

    • SHA1

      a54461f16d9d116a4cf65d96003083fe0db161d4

    • SHA256

      483c39df5f01e1e6a821e1868b3e17c330ce131030fcdd98f6ec76ed697f1065

    • SHA512

      24b0ce5fbaa8d6e83c0d989cfce9e262e961540cfeaff152cecf41b7b9543bc61676af3a195bef653525c90933e402bb4c79c86e3d1e1c1faa5f1f3e4e00c21f

    • SSDEEP

      6144:El+wl+jwZTDdiV1iL+9MD/nLSIV8yw7U3FtDgc67nTGbNOspACO63+VGzJnw9wIy:xxwBg1iL2KPL7Syw72dpSQos2c+VGzJ5

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks