General

  • Target

    NEAS.8ad7f21054baaf01545d472cee7323e0_JC.exe

  • Size

    298KB

  • Sample

    231104-yer8nadg4x

  • MD5

    8ad7f21054baaf01545d472cee7323e0

  • SHA1

    9aac7da0fa27fe2e88266c7bc35413512701f9a5

  • SHA256

    334c84c52298d9960404fc359398f0ffea8721556a98691ab509875668a2d228

  • SHA512

    57c5d3409fb3df7d82eaea74e518a823f09a7af0f063cd394857c974ba0ad75b3696128ad40a959263f23b16fefe107f6da8c42adb96fae793312cb9d3454b17

  • SSDEEP

    6144:LJvssTVOwEfGQXnTYaT15f7o+STYaT15fJJj+ke6abT:WsTVOJnTYapJoTYapxake6e

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
