General

  • Target

    NEAS.b8c086bbf9266afda24bdd229e4df480.exe

  • Size

    130KB

  • Sample

    231107-vjkgtscb7v

  • MD5

    b8c086bbf9266afda24bdd229e4df480

  • SHA1

    39e4847c7e7202924cb9c92ca117a5715e037f7e

  • SHA256

    978eb5649c43f54341d49837cd982c89b53f856c132189f591573e44a764df1a

  • SHA512

    574762ba297b1f22e6c2cd53471f9ffd50e24c41f7d4133f900c6247dc27405a4eb6d8e6b7468364c3315fc46e161490fa8001c95ec68083f50965fb4137e05e

  • SSDEEP

    3072:fPTP2atnZ6oLWnyTB0GT2/BhHmiImXJ2fYdV46nfPyxWhj8NCM/4:fLP9ZPLWnyTB0I4BhHmNEcYj9nhV8NCV

Targets

    • Target

      NEAS.b8c086bbf9266afda24bdd229e4df480.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
