General

  • Target

    NEAS.1c3fd4bcdc9e30955dd07462db3abed3.exe

  • Size

    229KB

  • Sample

    231104-s6lx3aec75

  • MD5

    1c3fd4bcdc9e30955dd07462db3abed3

  • SHA1

    799f638d3006bb33fcc938add267dd4b28829543

  • SHA256

    f575b03a14e4a4d86974c16847703d9e8ee10ac6e5bdf8a7174b7a02026e8051

  • SHA512

    57f7f77b8dbca7dfffff8470a2211e48b12ed6d72390e4e6b18ab581e4c95c1c6ff7aad02f449244daefabc2d602891430870f016652cfbb6832aa99087f6a28

  • SSDEEP

    6144:QjFwb2S6jctLxdLTt97cFR6jG1n6xJmPMbjjfxKml2E:QjF+LxdLuR6tjTsmsE

Targets

    • Target

      NEAS.1c3fd4bcdc9e30955dd07462db3abed3.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
