berbew | dea3fdc0f2edabf9426a54fb345fb70ccdf9d283359280bc2bb54d4153587c9e | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.313ad...a0.exe

windows7-x64

NEAS.313ad...a0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.313addcdf5224bc85fba1200a79382a0.exe
Size

1.2MB
Sample

231118-cc3qqaaa9x
MD5

313addcdf5224bc85fba1200a79382a0
SHA1

bb505608ffb4902402f0427338bc4889a0dedf93
SHA256

dea3fdc0f2edabf9426a54fb345fb70ccdf9d283359280bc2bb54d4153587c9e
SHA512

7de4cad3bb55b14f2c1d75ba266d45646d2b3f6b23ee5eb2e1f68a4fc5dff10eba3392deb9553a64c4887193056026c26ef8537fc9b3ad495e179f110e7a26d5
SSDEEP

24576:5UT6acm0BmmvFimm0MTP7hm0BmmvFimm0SGT8P402fo06YE1+91vK3xDWGk4A:5viLiZGT8P4Zfo06h1+91vOaGBA

Score

10^/10

berbew dropper persistence trojan

Static task

static1

persistence dropper trojan berbew

3 signatures

Behavioral task

behavioral1

Sample

NEAS.313addcdf5224bc85fba1200a79382a0.exe

Resource

win7-20231020-en

dropper persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.313addcdf5224bc85fba1200a79382a0.exe

Resource

win10v2004-20231023-en

dropper persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.313addcdf5224bc85fba1200a79382a0.exe
- Size
  
  1.2MB
- MD5
  
  313addcdf5224bc85fba1200a79382a0
- SHA1
  
  bb505608ffb4902402f0427338bc4889a0dedf93
- SHA256
  
  dea3fdc0f2edabf9426a54fb345fb70ccdf9d283359280bc2bb54d4153587c9e
- SHA512
  
  7de4cad3bb55b14f2c1d75ba266d45646d2b3f6b23ee5eb2e1f68a4fc5dff10eba3392deb9553a64c4887193056026c26ef8537fc9b3ad495e179f110e7a26d5
- SSDEEP
  
  24576:5UT6acm0BmmvFimm0MTP7hm0BmmvFimm0SGT8P402fo06YE1+91vK3xDWGk4A:5viLiZGT8P4Zfo06h1+91vOaGBA
Score

10^/10

dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

persistencedroppertrojanberbew

behavioral1

dropperpersistencetrojan

behavioral2

dropperpersistencetrojan

© 2018-2025

Terms | Privacy