General

  • Target

    NEAS.a9b9459042c0e72240898b025c1eafb0.exe

  • Size

    345KB

  • Sample

    231116-m71jyscc7s

  • MD5

    a9b9459042c0e72240898b025c1eafb0

  • SHA1

    cc8c61bca0461f8efa8b41c7eb11167708cc101f

  • SHA256

    d50002ce9a10d606ba5fd2cb62b4ff7c9ae095f0a3125c47665ceaa95fe9b766

  • SHA512

    a64ccb382f4f1a28de7f091f853540145fa0e3f430b1e3d25fe0b6811e8d017c7488d7e35b68aac79f6a78ea0fe5c70bf8ebc1e7b09a6a97ee14127a9fd4559c

  • SSDEEP

    6144:N4yg6EavMaB4muz14QaYgTt+scaHACw6Ykw/a8dWBtp27DpomqcPMwNFN6aeK9kc:NjVE61uznghoaHACwBkka8eGp7dPRr6G

Targets

    • Target

      NEAS.a9b9459042c0e72240898b025c1eafb0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
