berbew | NEAS[.]a0b6004013384164057f0c3be1bad320[.]exe

General

Target

NEAS.a0b6004013384164057f0c3be1bad320.exe
Size

396KB
MD5

a0b6004013384164057f0c3be1bad320
SHA1

cbe8cc6406097960fa655d9f3cb32230d6655ae5
SHA256

f1fb0dc6d222c4755c00b01acbece522d630d51291362ceb25efaf0512b09445
SHA512

5d028b51152353286789b927150bc567dbe4b94a496187ac42e7a6e2bb09739bb34eaaf3995e2660f4d04cdea8aaad43d1dc8cb489702f0a34edc758ea30a164
SSDEEP

12288:MBARf3D0HYlAEnkl0a04OL5a6MuJpE0Lny19c09IkjrVIqbh/Uh9:MBARPQ4lAEw0a04OL5a6MuJpE0Lny19a

Score

10^/10

persistence dropper trojan berbew

Malware Config

Signatures

Berbew family
berbew

Malware Backdoor - Berbew 1 IoCs

Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

persistence dropper trojan

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a0b6004013384164057f0c3be1bad320.exe

Files

NEAS.a0b6004013384164057f0c3be1bad320.exe
.exe windows:6 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 144KB - Virtual size: 60KB

Size: 228KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA

Size: - Virtual size:

Size: 163KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

 Size: 144KB - Virtual size: 60KB

Size: 228KB - Virtual size: 4B

���� Size: - Virtual size:

Size: - Virtual size:

Size: 163KB - Virtual size:

Size: 144KB - Virtual size: 60KB

��
Size: - Virtual size: