General

  • Target

    NEAS.6e77b2deb66b3516e55c9e3ee8c886e4_JC.exe

  • Size

    478KB

  • Sample

    231105-ss6qbagb2s

  • MD5

    6e77b2deb66b3516e55c9e3ee8c886e4

  • SHA1

    9f804542cc247d6c9deae4ff1ae727c38767776d

  • SHA256

    b688a01dd966bb90c71b0442aaa8f38d7a103831e2c161748d43898cea67405e

  • SHA512

    420c08a1364a3a94d4c28fdb2e61dda951e1830a16896e4af825be6d352ff3ba01440c01c7e5631b69249c50077897d845ff6015da9c3314ce7af2eb24c19052

  • SSDEEP

    12288:0Sz6/NB7/N2xQbR71JPZg9miPPwwh6yGF/Pir1VlxJyTi/N:0SzYYxQbR71JPZg9miPPwwh6yGF/Pirr

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
