General

  • Target

    NEAS.c0117e629bd99fe76ab341373d1cac20.exe

  • Size

    128KB

  • Sample

    231102-vbj64aaf4z

  • MD5

    c0117e629bd99fe76ab341373d1cac20

  • SHA1

    aaab75efd54837f096bb5d8610bdfc83ae19d100

  • SHA256

    b6bf9b56a736c672c9c8552d5509cec211551f0ca070875ea77d3c4ee6a7b43c

  • SHA512

    d636d49cf55ff7ce9c7f4a3a666c92669872bba480065cb0f5c776c4b413587a467a0b69bac14559237e94c2d07c1c2ebd059acdd2d86a2ae783c0966f66683e

  • SSDEEP

    3072:xRgm8DXCydULvqUAEQGBcHN0OlaxP3DZyN/+oeRp:xhCCydULvhAHj05xP3DZyN1eRp

Targets

    • Target

      NEAS.c0117e629bd99fe76ab341373d1cac20.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
