General

  • Target

    NEAS.de0cb43939ccac10f702904eb0ed0f10.exe

  • Size

    77KB

  • Sample

    231102-vcwarade53

  • MD5

    de0cb43939ccac10f702904eb0ed0f10

  • SHA1

    45181437cedd58742817bb34b4d0c848c00839ee

  • SHA256

    1d3f776ab8579e17a4eb9f752d2eb68eea2f5efa97265dd25102c546246c555b

  • SHA512

    6567f633844e56901c44edb45dbe9e38ff9bca9d4f3a90fcd7cca04296748d16567c917a7a5272a666f30f5087dd9a82da8586009e71574ac4e39af960a02beb

  • SSDEEP

    1536:6Lg6JDshXx7ezokkOvUdY+2Ltowfi+TjRC/D:6Lg6JDaMzohOeYDGwf1TjYD

Targets

    • Target

      NEAS.de0cb43939ccac10f702904eb0ed0f10.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
