General

  • Target

    NEAS.278c8f7a58fa41b35738b69492cf0ac0.exe

  • Size

    112KB

  • Sample

    231115-c5w4msca7w

  • MD5

    278c8f7a58fa41b35738b69492cf0ac0

  • SHA1

    cfd30856886123ae48a47ea651adb0065d271a2e

  • SHA256

    2c50e3996dcd95959714b5a404eec2e2ccc239972675fb6070397b6cff2045f4

  • SHA512

    d0120bbe96b6e9d731755f130836d03bc84b7c450537952a2f0502f814a2641d0122929fbe1d18768a79fb7a574b2381c0373cc383818a588c8f21f1c7c955b3

  • SSDEEP

    3072:WnBh65mz9H7MQH2qC7ZQOlzSLUK6MwGsGnDc9o:Ke6H7MQWfdQOhwJ6MwGsw

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
