General

  • Target

    NEAS.ea24921b11cbe18583083577a31c3b0c.exe

  • Size

    407KB

  • Sample

    231111-mx2n9sdh7z

  • MD5

    ea24921b11cbe18583083577a31c3b0c

  • SHA1

    2d446caa210d6ed37d2035fe48084cb85d18d271

  • SHA256

    757a72b3d2dfa79b240024ea28b485a8201174de5e26bf5b0b6186191e2e1b7e

  • SHA512

    3c128484d332f5bfc98bff5faf30abc312aab5139de6e128a562f7ce154a4ef39553fd3da8ba7cad1d62ed7f7555397e5a9daef826235d9e54aacced4745a650

  • SSDEEP

    12288:jPfLpMzeJO/awrSmfyiPFg8prNdw+C7797TnPtLU8deJUP//zk9FGB:bfLpMzeJO/awrSmfyiPFg8prNdw+C77V

Malware Config

Targets

    • Target

      NEAS.ea24921b11cbe18583083577a31c3b0c.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
