General

  • Target

    NEAS.5adcb4892c4e71bb4a8c074250a4ad20_JC.exe

  • Size

    106KB

  • Sample

    231104-16kzrsff4w

  • MD5

    5adcb4892c4e71bb4a8c074250a4ad20

  • SHA1

    5ecac112ad7de0248307455e18fc8dd09859213a

  • SHA256

    57e2f48abcd2b4d1adebb9ed75000f02c2222b1d0a03021f43d6f1bc36da0199

  • SHA512

    54f4ac804d9c8fca629dcca661cbb9d87c2e8a86714f9cce8d84326a8c0536ce2c38d42bbe1098284771fc1af7eb54fdd5c9bf6c2443d24c49c808131aa6ac42

  • SSDEEP

    3072:Vz0VXZyIERbcYznM156qUAMUzrXP1WdTCn93OGey/ZhC:Vz0Vzag206DgzrXgTCndOGeKY

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
