Overview

overview

10

Static

static

10

NEAS.870da...92.exe

windows7-x64

10

NEAS.870da...92.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.870da7f3826c0459742ff15552b6c792.exe

  • Size

    135KB

  • Sample

    231112-xmpl3aag5x

  • MD5

    870da7f3826c0459742ff15552b6c792

  • SHA1

    6d08c77181584eaa70877ee71913a75110b99a3b

  • SHA256

    31ef36ddfc2eb190f4b58a5c15f07a0c6779727f342d01555a896df0d1fdf5dc

  • SHA512

    f6888413d8a1526a015abe39bb6f6348f31412cf8683e9be579740b5ea7df8ca5ca2eed63f25d576b965735e1ee05c5a9cbb23f2191442b5e189a91e34d652e4

  • SSDEEP

    3072:IUmWfIJzSRATYK8Qr5+ViKGe7Yfs0a0Uoi:ItWftRATYK9cViK4fs0l

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.870da7f3826c0459742ff15552b6c792.exe

    • Size

      135KB

    • MD5

      870da7f3826c0459742ff15552b6c792

    • SHA1

      6d08c77181584eaa70877ee71913a75110b99a3b

    • SHA256

      31ef36ddfc2eb190f4b58a5c15f07a0c6779727f342d01555a896df0d1fdf5dc

    • SHA512

      f6888413d8a1526a015abe39bb6f6348f31412cf8683e9be579740b5ea7df8ca5ca2eed63f25d576b965735e1ee05c5a9cbb23f2191442b5e189a91e34d652e4

    • SSDEEP

      3072:IUmWfIJzSRATYK8Qr5+ViKGe7Yfs0a0Uoi:ItWftRATYK9cViK4fs0l

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks