General

  • Target

    NEAS.78e8a2b701a54199939d557d77a3b730.exe

  • Size

    367KB

  • Sample

    231103-pg53vsab8y

  • MD5

    78e8a2b701a54199939d557d77a3b730

  • SHA1

    ad6014d6ee76f35045ad6c2372e71ab0e751f69b

  • SHA256

    e70c3406517bace01bef5fe5e26c133da8c7bba8bd83fa9cbad52d3c0cb43f94

  • SHA512

    477fa8e291758bd9aa9047948c02b96bc093ab582324ab2ae2e17c194d90d16cd96c8d322810090572b7986700eb8a656d7aee36203400cab5730b9b8d3b4ca4

  • SSDEEP

    6144:e/yIQGf7UrtnJfKXqPTX7D7FM6234lKm3mo8Yvi4KsLTFM6234lKm3cM9:TGf7StJCXqP77D7FB24lwR45FB24lqM

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
