General

  • Target

    NEAS.a5a5fd836327d3bf84be80b336cda1c1.exe

  • Size

    161KB

  • Sample

    231112-vbayeshe87

  • MD5

    a5a5fd836327d3bf84be80b336cda1c1

  • SHA1

    5de945bc18ca7dea5bbbfe9bfe568830173a3d7f

  • SHA256

    b0101f6c8aeaa61fb726a4a92022ace7f2a4a961cda006485ccee4cc133076ff

  • SHA512

    69de0a7de8bfab11d7b46a1894c3d8891670205686b3d61e706aa5725e5a60359c32e359771c6ea5d91554ef779da5ceac03dd2257843cc729ec5760c18f7876

  • SSDEEP

    3072:uZ4kks5eVRfe7PxkuakoVwtCJXeex7rrIRZK8K8/kv:u6k55qUxkuakoVwtmeetrIyR

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
