General

  • Target

    NEAS.c54fff2e7ff92c6c962581721d6c7080.exe

  • Size

    1.5MB

  • Sample

    231107-tbmrjsbc3w

  • MD5

    c54fff2e7ff92c6c962581721d6c7080

  • SHA1

    acaad0de0fe5383e79e9a8a2afb972772911dc0b

  • SHA256

    a61a3afaa728a4441d9e936bdf69862054a5e30ab74b43a25f103ca4372c3034

  • SHA512

    30daefb9270f89bc7db6545ab14ceaa7defee539deb9f7d06e2b6c737d5d1b3336e49f4ec743eac47faaf82158f9a8b4b3d5b79d54fd2a01b25bfbe536e5e169

  • SSDEEP

    24576:AZMAfyvzecvHPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZHp3oWAU:qMAfyvKcvXbazR0vKLXZ6U

Targets

    • Target

      NEAS.c54fff2e7ff92c6c962581721d6c7080.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
