Overview

overview

10

Static

static

10

NEAS.e1c4a...a0.exe

windows7-x64

10

NEAS.e1c4a...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e1c4a049e28384472fac7f9154880aa0.exe

  • Size

    143KB

  • Sample

    231116-1xg7hshf4w

  • MD5

    e1c4a049e28384472fac7f9154880aa0

  • SHA1

    d2eff2a3be40e80122968442dbea7729640fcfb0

  • SHA256

    2a174e20ff42268858b7ef4bfb0d60403869ca5cf5e09fc1a19fade216d2bbe8

  • SHA512

    fa8e012b89a70e18c2e5201ed883b5736980fd0322b34025313fad5575847f0d84e34a737868880b84859acfceabc1712e0ea36ae93e29ca580d3c9b066c0b9b

  • SSDEEP

    3072:9zNoDMRINzbIOyXkZYPceCpxNgmFO1gdd8jH:9zLmNHInVXyNtF0b

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.e1c4a049e28384472fac7f9154880aa0.exe

    • Size

      143KB

    • MD5

      e1c4a049e28384472fac7f9154880aa0

    • SHA1

      d2eff2a3be40e80122968442dbea7729640fcfb0

    • SHA256

      2a174e20ff42268858b7ef4bfb0d60403869ca5cf5e09fc1a19fade216d2bbe8

    • SHA512

      fa8e012b89a70e18c2e5201ed883b5736980fd0322b34025313fad5575847f0d84e34a737868880b84859acfceabc1712e0ea36ae93e29ca580d3c9b066c0b9b

    • SSDEEP

      3072:9zNoDMRINzbIOyXkZYPceCpxNgmFO1gdd8jH:9zLmNHInVXyNtF0b

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks