Overview

overview

10

Static

static

10

NEAS.c4aee...JC.exe

windows7-x64

10

NEAS.c4aee...JC.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.c4aee5064604760471ce9fdac27737c0_JC.exe

  • Size

    199KB

  • Sample

    231105-llx19sdg9v

  • MD5

    c4aee5064604760471ce9fdac27737c0

  • SHA1

    3106a48a91539d337f196591ca19bfeb56bb88fb

  • SHA256

    f993a383a5b48b50a22f945352e59ae42f85695de9439ae501a852bf62578e5b

  • SHA512

    99493f7fe5d7985f827e367907acbe1a25edc6f6fbdfadd9847167f09745b1ffd2501238a30302dde959dd5ebb386a89920f7055eab2b638bf03f8ece7fc7f0b

  • SSDEEP

    6144:tTcscD3fPSZSCZj81+jq4peBK034YOmFz1h:DcjSZSCG1+jheBbOmFxh

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.c4aee5064604760471ce9fdac27737c0_JC.exe

    • Size

      199KB

    • MD5

      c4aee5064604760471ce9fdac27737c0

    • SHA1

      3106a48a91539d337f196591ca19bfeb56bb88fb

    • SHA256

      f993a383a5b48b50a22f945352e59ae42f85695de9439ae501a852bf62578e5b

    • SHA512

      99493f7fe5d7985f827e367907acbe1a25edc6f6fbdfadd9847167f09745b1ffd2501238a30302dde959dd5ebb386a89920f7055eab2b638bf03f8ece7fc7f0b

    • SSDEEP

      6144:tTcscD3fPSZSCZj81+jq4peBK034YOmFz1h:DcjSZSCG1+jheBbOmFxh

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks