Overview

overview

10

Static

static

10

NEAS.778c8...78.exe

windows7-x64

10

NEAS.778c8...78.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.778c89d10ce196ccc89b977a35790778.exe

  • Size

    113KB

  • Sample

    231116-vvtvmsdg38

  • MD5

    778c89d10ce196ccc89b977a35790778

  • SHA1

    82973cba81ddcaecc61d64d75a726a8c4d00486c

  • SHA256

    7b0414d0afff06cb203e0829e12a3206535266f072509630807934733782e70a

  • SHA512

    5850085b83c9c8300ec824022a5a3045f07d0bb5551fe9cfb4d0e83bc6675c39a1a5ee5aac6ac1ad9cfe6dcfe0145a840a41b7e499b926d537061e48c4eb01e4

  • SSDEEP

    3072:aJXAxPa8ouoBVvbTOuGkZFfFSebHWrH8wTW0:aJXAxPa8o/vja7otSeWrP

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.778c89d10ce196ccc89b977a35790778.exe

    • Size

      113KB

    • MD5

      778c89d10ce196ccc89b977a35790778

    • SHA1

      82973cba81ddcaecc61d64d75a726a8c4d00486c

    • SHA256

      7b0414d0afff06cb203e0829e12a3206535266f072509630807934733782e70a

    • SHA512

      5850085b83c9c8300ec824022a5a3045f07d0bb5551fe9cfb4d0e83bc6675c39a1a5ee5aac6ac1ad9cfe6dcfe0145a840a41b7e499b926d537061e48c4eb01e4

    • SSDEEP

      3072:aJXAxPa8ouoBVvbTOuGkZFfFSebHWrH8wTW0:aJXAxPa8o/vja7otSeWrP

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks