General

  • Target

    NEAS.119876391a6593198fa924288be58b23_JC.exe

  • Size

    113KB

  • Sample

    231103-wh8npsfg71

  • MD5

    119876391a6593198fa924288be58b23

  • SHA1

    f454a2a49a3497989265ef58e6be506b517c2fbc

  • SHA256

    14897e43a6e1c74f63694647652d876ef687b9ecbb4ccfc8f94ea5c5fc7b55dc

  • SHA512

    84fc78749a79260f632568c3bea172fb4fb2a669b9fe8d2fdb6a9a4ecabf1a3fdee2dbae5c84b9100dcac946f08d2d9764529b8175bf51d7210aa6cb591f7c79

  • SSDEEP

    1536:nm8E+byPE2aH4/r9Ia6LFYoFsMy1cgCe8uvQGYQzlVZg2lKVTP96YS2bMJVn:mUHUZGsXugCe8uvQa7gRj9/S2Kn

Targets

    • Target

      NEAS.119876391a6593198fa924288be58b23_JC.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
