General

  • Target

    NEAS.01943150d830538da38897dda0a12a80.exe

  • Size

    450KB

  • Sample

    231115-e4hwqsdd8t

  • MD5

    01943150d830538da38897dda0a12a80

  • SHA1

    e5fae67b7a85fc4820adf10a885ec74ef46f55d7

  • SHA256

    a68de0901adff59b778c03f1e44b3d6432d835cccd9434bdd98a7de29bb21579

  • SHA512

    63d81a01085df08858ee3f4494fa4f2179f6e7b11b50a5993dfcb6320e6eeaabd7376f50fabdf7348e1883650d278ffc5d6d6b8872a3ebf7a56f5407150267a7

  • SSDEEP

    12288:kPXFC9m7ufXFC9xfIkMuXFC9m7ufXFC9Wm:Oc9Iufc9xsuc9Iufc9Wm

Targets

    • Target

      NEAS.01943150d830538da38897dda0a12a80.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
