General

  • Target

    NEAS.1b3cb2e041a8240f5bc597b6c3bb9eb0.exe

  • Size

    450KB

  • Sample

    231117-gq4bmafh78

  • MD5

    1b3cb2e041a8240f5bc597b6c3bb9eb0

  • SHA1

    0f9aaa4e881e97de66b8fc7218aca60965c72f70

  • SHA256

    8000370fcf90ef0bfa7d8739fc909cfd408942cd6c03690b0a5bbcaa48e497cd

  • SHA512

    1ca9ebb1139467456142fd4da6a704b1bba81fa97570b9cec9776618381781fe0d666918b0077710b6acd44fa9cb2a313d008df5f2b863a075968669959920ee

  • SSDEEP

    12288:1syx3fXFC9m7ufXFC9xfIkMuXFC9m7ufXFC9Wm:myZfc9Iufc9xsuc9Iufc9Wm

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
