General

  • Target

    NEAS.a3ee9832e9470284fc2df5c51e726400.exe

  • Size

    357KB

  • Sample

    231116-kprg8aad9t

  • MD5

    a3ee9832e9470284fc2df5c51e726400

  • SHA1

    5d40b195165706d8d5f121e310fe043bec0dd600

  • SHA256

    74ac6539e88c9d0f339704d8a3e5691b5950e337424dd82ee41d2c077d3407fd

  • SHA512

    e8e148a661b3e4a58a0c51e740d549f99fcf31d843b350f600d1780d3d91462187df740c341c8c8f628a8062b3e899561a233ccfa26deb46a3d6edff66ce1687

  • SSDEEP

    6144:ibp+tdX+wgOb/t1n6xJmPMwZoXpKtCe8AUReheFlfSZR0SvsuFrGoyeg3kl+fiXt:I+XX3gOrZoXpKtCe1eehil6ZR5ZrQegO

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
