General

  • Target

    NEAS.0545c51bdd5271e1ad77b9434a40aae0.exe

  • Size

    143KB

  • Sample

    231116-nlfhbsbb45

  • MD5

    0545c51bdd5271e1ad77b9434a40aae0

  • SHA1

    8d3c0ec0ecefe5818e5a3ef603d6d3bfee56a480

  • SHA256

    6f70a79b3aad73cb1045418d5d31ac3d9ae60422dac67c77727170c4f0616a95

  • SHA512

    d4a87d4efbea17178bde7fd0f462fa91de511fd41394c14d2b78859c54e1dc7510b2878388eff2f01247f64dfa391463677b47e29259ef78c4eba8baf8bae486

  • SSDEEP

    1536:KQagP48Ljtj+zDKUQ5ziJE93isirBUBEVGBtVM2hZV03fca13y:KQDsDK3N93bsGfhv0vt3y

Targets

    • Target

      NEAS.0545c51bdd5271e1ad77b9434a40aae0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
