General

  • Target

    NEAS.feaf11c1f052dec636866a686c93d930.exe

  • Size

    109KB

  • Sample

    231101-rrhfnahh4x

  • MD5

    feaf11c1f052dec636866a686c93d930

  • SHA1

    c82fe7d5bfc7ebb5030074924c41efca2fcb1a4f

  • SHA256

    082aff2e59309936987126738eac74e98be227c5afa5102de42b6718bbf6e776

  • SHA512

    3622747bed8ed53f366c91a0f4618dea6e1c3d580e27d9d1a0524f605339334afdef5902b1f56950e9b69e39e66e4d33b420c48642dbca3c39d13995768edef7

  • SSDEEP

    3072:Faff5vfoh7VnxSKgR6WFjJ98LCqwzBu1DjHLMVDqqkSpR:FiZonNM6MjJ9Ewtu1DjrFqhz

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
