berbew | 1e1d8f225fb3027cde8756aad7eb9cbce056f35c1d6e240b0b65f0d2ad3597f5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

NEAS.c5c77...90.exe

windows7-x64

NEAS.c5c77...90.exe

windows10-2004-x64

Sharing

General

Target

NEAS.c5c7794c6f15874500c823ee8121ee90.exe
Size

122KB
Sample

231116-jm698agc62
MD5

c5c7794c6f15874500c823ee8121ee90
SHA1

1b50f11d34fb2f422b00d5a878bd3ce0a539d485
SHA256

1e1d8f225fb3027cde8756aad7eb9cbce056f35c1d6e240b0b65f0d2ad3597f5
SHA512

3e8c43085b352e31d475c02949582ac450e152577954a16dbc0a92d65b36ddf9702e2873d6d2d80d38621d786f375582b07ee8b7a307092237d450c5b92567f4
SSDEEP

1536:lvm1Fu8AjYaFwjRUdW7fmyY7aZYJVmy0KQbj6vbjuKoauGi4p:6u8ANCUdgfmD7zey0KUj6TjR9i4p

Score

10^/10

berbew dropper evasion persistence trojan

Static task

static1

persistence dropper trojan berbew

3 signatures

Behavioral task

behavioral1

Sample

NEAS.c5c7794c6f15874500c823ee8121ee90.exe

Resource

win7-20231020-en

dropper evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.c5c7794c6f15874500c823ee8121ee90.exe

Resource

win10v2004-20231025-en

dropper evasion persistence trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.c5c7794c6f15874500c823ee8121ee90.exe
- Size
  
  122KB
- MD5
  
  c5c7794c6f15874500c823ee8121ee90
- SHA1
  
  1b50f11d34fb2f422b00d5a878bd3ce0a539d485
- SHA256
  
  1e1d8f225fb3027cde8756aad7eb9cbce056f35c1d6e240b0b65f0d2ad3597f5
- SHA512
  
  3e8c43085b352e31d475c02949582ac450e152577954a16dbc0a92d65b36ddf9702e2873d6d2d80d38621d786f375582b07ee8b7a307092237d450c5b92567f4
- SSDEEP
  
  1536:lvm1Fu8AjYaFwjRUdW7fmyY7aZYJVmy0KQbj6vbjuKoauGi4p:6u8ANCUdgfmD7zey0KUj6TjR9i4p
Score

10^/10

dropper evasion persistence trojan
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

persistencedroppertrojanberbew

behavioral1

dropperevasionpersistencetrojan

behavioral2

dropperevasionpersistencetrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.