General

  • Target

    NEAS.5fe71679e6774a281faad0e2cbc97d80.exe

  • Size

    176KB

  • Sample

    231118-cmmggshb62

  • MD5

    5fe71679e6774a281faad0e2cbc97d80

  • SHA1

    f998365dbae9282c7c8945633274e3f57fccf1b6

  • SHA256

    b9c93a28f5fc406971a4551b736f2782e1c82fd94b13da737e55f0bd7a2008c0

  • SHA512

    6fcad3b2c145a9dd766978e36245526d1f104a688eca9065030136cbf5bcc6137bb04c6f23d7d066a79c84e07586eadeadb82263e5bb094ad8c1d284a8600881

  • SSDEEP

    3072:qpAqcyUjmOiBn3w8BdTj2h33ppaS46HUF2pMXSfN6RnQShl:quF3jVu3w8BdTj2V3ppQ60MMCf0RnQ4

Targets

    • Target

      NEAS.5fe71679e6774a281faad0e2cbc97d80.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
