Overview

overview

10

Static

static

10

NEAS.d3043...JC.exe

windows7-x64

10

NEAS.d3043...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.d304371152208304b5f8c62302394970_JC.exe

  • Size

    459KB

  • Sample

    231105-eham8sae8s

  • MD5

    d304371152208304b5f8c62302394970

  • SHA1

    389c033b64045dfd4cff148918202692a1e09d92

  • SHA256

    13066f03a841ccbdcbbef1adac7bf1e0569b4eb059b229777fa78d67052f4916

  • SHA512

    adf3f9a401d0518fbf3a993ed28c3ad847563ed617fa4798ad655a3b25ab7e70bc756fc2f8ac23609545ae4209b310487e65f530f88764ebfba8fd85914ce5b1

  • SSDEEP

    12288:Hg5wIaJwIKfDy/phgeczlqczZd7LFB3oFHoGnFjVZnykJGvpHGdt:Hg5wLJwFfDy/phgeczlqczZd7LFB3oFl

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.d304371152208304b5f8c62302394970_JC.exe

    • Size

      459KB

    • MD5

      d304371152208304b5f8c62302394970

    • SHA1

      389c033b64045dfd4cff148918202692a1e09d92

    • SHA256

      13066f03a841ccbdcbbef1adac7bf1e0569b4eb059b229777fa78d67052f4916

    • SHA512

      adf3f9a401d0518fbf3a993ed28c3ad847563ed617fa4798ad655a3b25ab7e70bc756fc2f8ac23609545ae4209b310487e65f530f88764ebfba8fd85914ce5b1

    • SSDEEP

      12288:Hg5wIaJwIKfDy/phgeczlqczZd7LFB3oFHoGnFjVZnykJGvpHGdt:Hg5wLJwFfDy/phgeczlqczZd7LFB3oFl

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks