General

  • Target

    NEAS.fed9ec4210202e94f2b474ec3e3168d0.exe

  • Size

    77KB

  • Sample

    231101-rrhresbe33

  • MD5

    fed9ec4210202e94f2b474ec3e3168d0

  • SHA1

    611b4e25a2e05447ce96894112432539d6308ed0

  • SHA256

    96796c07e09cc3a4557e25ed2336a165da7cad9ca3d4815ca9efeb6c90424a74

  • SHA512

    63b577533cf7e36cec1cf22904be212b05a41847a7ff2549ea97b6f40c6841a7680cbe8ed30d77b970e8440f182001506dbb0424783b5c7ce6a1aa5ca1df1e2b

  • SSDEEP

    1536:1TI7S4RTdVBhIfnWsSoYnJau6WkoHoE2Lt42wfi+TjRC/D:1T4RTddIfWsSoCHody2wf1TjYD

Malware Config

Targets

    • Target

      NEAS.fed9ec4210202e94f2b474ec3e3168d0.exe

    • Size

      77KB

    • MD5

      fed9ec4210202e94f2b474ec3e3168d0

    • SHA1

      611b4e25a2e05447ce96894112432539d6308ed0

    • SHA256

      96796c07e09cc3a4557e25ed2336a165da7cad9ca3d4815ca9efeb6c90424a74

    • SHA512

      63b577533cf7e36cec1cf22904be212b05a41847a7ff2549ea97b6f40c6841a7680cbe8ed30d77b970e8440f182001506dbb0424783b5c7ce6a1aa5ca1df1e2b

    • SSDEEP

      1536:1TI7S4RTdVBhIfnWsSoYnJau6WkoHoE2Lt42wfi+TjRC/D:1T4RTddIfWsSoCHody2wf1TjYD

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks