General

  • Target

    NEAS.19117ba98c61c573ce496990d5a26c6e.exe

  • Size

    227KB

  • Sample

    231114-jvkq7ahg79

  • MD5

    19117ba98c61c573ce496990d5a26c6e

  • SHA1

    aeab55962b0068a6834f1cad16ea1979b3f5a5b7

  • SHA256

    cd1950116b62b07290f33eeb822771fab0ee4085d458f0f355cbc3492e77a18e

  • SHA512

    7857bd40a12658bcbdbe4f26dc3851131a41725f610b8313c717cd1f9e7ec9acaf3866fddff6ad915ed3452d5abc76cf3cc7d54d137362093f5e28d232e6f025

  • SSDEEP

    6144:4uMMkXBziaFown/Bm7U5j2QE2+g24Id2jFHu:4uMMkXBziaFbiojj+Td20

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
