General

  • Target

    NEAS.2bf8b060d979373829a52bec981cbe50.exe

  • Size

    151KB

  • Sample

    231102-zky4tshc68

  • MD5

    2bf8b060d979373829a52bec981cbe50

  • SHA1

    d28f59b268e2877bdcb9d72e983e685ed1e8556b

  • SHA256

    bd755fbd6be03ec955f630ba36949d24d07308a82bc4aaeb6f1201f63399b46d

  • SHA512

    cda37430b3ef2ff2f5601ad369049c4864f0152cf978c590b8f880240df0133bafb380264d9082acd6015600bd1e19a98fbf0717c6874186c55a43ffd845bd72

  • SSDEEP

    3072:OOqkneN1EGKQvTxsew9ZJZ9VSUrhZw795SkKF:OY8EGDTueuZJhBG95

Malware Config

Targets

    • Target

      NEAS.2bf8b060d979373829a52bec981cbe50.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
