General

  • Target

    NEAS.ecb136a702cf034977e53ec6f1e60910.exe

  • Size

    93KB

  • Sample

    231111-wjdjysae4s

  • MD5

    ecb136a702cf034977e53ec6f1e60910

  • SHA1

    4788f061f3ca88939db65939ac045409234e99d8

  • SHA256

    18d454a041555a6d2c478ac8683ff13a3de0110efda00a4d4c1494be7bf05d90

  • SHA512

    4809467652cd4a7d37dcf341dc7be85ea3f809d899feec8e4515fa43397f26f6a2d2a342c25e7fb88d0178d0e584b75d6e14872af0f712efedcb70ec03f935cf

  • SSDEEP

    1536:NkSXtbZg6iHEwwGKBQh1hnUufsfeqeTrDOTxjiwg58:eS99Yk7GKah1hnUIsfejTfO9Y58

Targets

    • Target

      NEAS.ecb136a702cf034977e53ec6f1e60910.exe

    • Size

      93KB

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
