Overview

overview

10

Static

static

10

NEAS.23f26...a0.exe

windows7-x64

10

NEAS.23f26...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.23f261a9de3d34a035d5786c63a511a0.exe

  • Size

    125KB

  • Sample

    231107-da9a6aac9z

  • MD5

    23f261a9de3d34a035d5786c63a511a0

  • SHA1

    c66717cad317bdcf991b1a04a079a347d3c30da8

  • SHA256

    ea53c53680df7d38224517f0b50208525d4c7e88bd58769ff5e30dd7be20f40d

  • SHA512

    1496789361c2569a840acb124d9f9c701a5673eb251104988caba104346654b764c9c8d16ab008e2bfb9ade79badf3333031cfa43daf532e607f84ace087a6a7

  • SSDEEP

    3072:uUtatPFpKUcQcq1WdTCn93OGey/ZhJakrPF:u88P3Ksc5TCndOGeKTaG

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.23f261a9de3d34a035d5786c63a511a0.exe

    • Size

      125KB

    • MD5

      23f261a9de3d34a035d5786c63a511a0

    • SHA1

      c66717cad317bdcf991b1a04a079a347d3c30da8

    • SHA256

      ea53c53680df7d38224517f0b50208525d4c7e88bd58769ff5e30dd7be20f40d

    • SHA512

      1496789361c2569a840acb124d9f9c701a5673eb251104988caba104346654b764c9c8d16ab008e2bfb9ade79badf3333031cfa43daf532e607f84ace087a6a7

    • SSDEEP

      3072:uUtatPFpKUcQcq1WdTCn93OGey/ZhJakrPF:u88P3Ksc5TCndOGeKTaG

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks