General

  • Target

    NEAS.1420d4511f79c095ba0af803f1ddb5cf.exe

  • Size

    67KB

  • Sample

    231114-lyd4xsba21

  • MD5

    1420d4511f79c095ba0af803f1ddb5cf

  • SHA1

    eaab59ce0381f8b6c4e88e62c7b9ea3062935b0a

  • SHA256

    3245d936c416ba6e302738790a49e153732d2463ea67cf99801ee56227b96be0

  • SHA512

    ad417ac9178b69200c8342c39a5baa98fdd3c41445254e47cc5a296999c5343ba5ebf750fa726fb14c3248697d5d5c43cc2270ba24569b184d799bbf262fe8f7

  • SSDEEP

    1536:CJH4GVyTdV0+FTzZ+LoTjdJNgsJifTduD4oTxw:neyxVj6o3dJusJibdMTxw

Targets

    • Target

      NEAS.1420d4511f79c095ba0af803f1ddb5cf.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
