General

  • Target

    NEAS.ba3cc18fd233142c6cfb0ee6e9c767a0.exe

  • Size

    89KB

  • Sample

    231105-yqqh7sdd25

  • MD5

    ba3cc18fd233142c6cfb0ee6e9c767a0

  • SHA1

    563b8d2a22c9db4fab63b95c8ec9037d4bae4356

  • SHA256

    03f4ecce99728b43ce550385f3554765051c8e75c36f279a5352105a5401001a

  • SHA512

    4f250973412ec4e89412fc61385ec6b1496223be0fcce9d27255e0ddd7052814cb9905477dd31fefa5f265d11b73b9344ff46bbdac8e859fe7749f9afdbe1736

  • SSDEEP

    1536:MRR3q959YydjcP6sw0RgPLEVacjFIwScg/lExkg8Fk:Me959Ddk6sZgzWjFIwScUlakgwk

Targets

    • Target

      NEAS.ba3cc18fd233142c6cfb0ee6e9c767a0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
