General

  • Target

    NEAS.1f658fbbd4f9d14c34e308014fc4bf74.exe

  • Size

    107KB

  • Sample

    231114-lklxlsbb54

  • MD5

    1f658fbbd4f9d14c34e308014fc4bf74

  • SHA1

    3087cebd44c4afbf1dc35c6fab051dd60af69c8b

  • SHA256

    784baf701ad743ccf6da1ff2dbaf884d1fa8ecf4024eafd0013142a3634e3b5a

  • SHA512

    d238659774ddd9624238593e561ffa08657900fd3337a226ca4506be0248ab928e9155040f9373e0f0af4791e2938e18593022a3499122c27acb94be069cd85e

  • SSDEEP

    1536:7zKKAY75okbNzgXapgjbw5cCRiVvjX5UQ2LxaIZTJ+7LhkiB0MPiKeEAgHD/Chxi:fKKrjhzgKp4bwJe5UBxaMU7uihJ5233y

Targets

    • Target

      NEAS.1f658fbbd4f9d14c34e308014fc4bf74.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
