General

  • Target

    NEAS.c27128d85301ed5f0fbf62c7eccc0ac0.exe

  • Size

    130KB

  • Sample

    231102-pfpdqabf61

  • MD5

    c27128d85301ed5f0fbf62c7eccc0ac0

  • SHA1

    fc12735a8ae648c51524a6d50c1054468a02cac7

  • SHA256

    d4bb1ca94a98d06479ddbdcda464d310c99c1bb6d548a9710c6dc73d0b5a14c8

  • SHA512

    c76f7b6c5c0fb91e633ba414786a0a52f5aa3945e761fdb5857afff2c25084316132cae7bbc17e855fbb0964994d53ac28c47088664de03ab7eee9b8cc93ebed

  • SSDEEP

    3072:jS18W8z+O0zmQNxIGH2/BhHmiImXJ2fYdV46nfPyxWhj8NCM/4:jS18B0bNxI04BhHmNEcYj9nhV8NCV

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
