General

  • Target

    NEAS.bf153ac67053880509d04ac245e396b0.exe

  • Size

    164KB

  • Sample

    231107-e5zwmsda54

  • MD5

    bf153ac67053880509d04ac245e396b0

  • SHA1

    87039d592073cab158c66795e49d70858229e1a9

  • SHA256

    a43f375ba45745c498e778062309593215a0fce2801a5c77b4f080fd1930f8b8

  • SHA512

    188bad839ac8a3f010d5b7e055b77cfa5c1f64077446ed2e185abefd9882b7edb4ca18604cad6bbcf24726ae0002aa85d1d7e2fdf1e49bd79b07ef0b653804b4

  • SSDEEP

    1536:JF0HuVrSUCqdT09Kh7hgg/C1hl8z7i08uFavDLmikVV6QSzV7DXAVgdIrKM4Vnn1:3zhgdQe08uFafmHURHAVgnvedh6DRyU

Targets

    • Target

      NEAS.bf153ac67053880509d04ac245e396b0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
