General

  • Target

    NEAS.0001c7215a5643323104171dcbfd063c_JC.exe

  • Size

    401KB

  • Sample

    231105-sbc2nsff71

  • MD5

    0001c7215a5643323104171dcbfd063c

  • SHA1

    b72c46a5986407fa373341764a0273cf56f9b3ef

  • SHA256

    ebef2a089fbac79ba25ce674096ad64e7754b49100cf1d8b45b2307d5fb5fc64

  • SHA512

    7599c63ebefdb27495c811d2b5b3635d806bfb60576b02d682946233452400fd20613a0d14ae673161ed6e6f89e9c12550b2502d35835135374f26d39306d497

  • SSDEEP

    6144:+4B6CdmtFKyxGsOndpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836PGyA7:+26C0fK3ndpV6yYP4rbpV6yYPg058KrY

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
