berm | 356e56ae32b43f0f755e99e6b7042ca1bafab49f40cbfe92c10db52f21a8e08a | Triage

Resubmissions

13/04/2023, 09:20

230413-la8cvsbh3x 10

22/03/2023, 12:39

230322-pv1ejagg77 10

Sharing

General

Target

230220-rpstlsfjcp_pw_infected.zip
Size

867KB
Sample

230413-la8cvsbh3x
MD5

fb139ace674a88842f786f30f6639c43
SHA1

d70d6e80d05cfe183075f466902d74fc0b0f31aa
SHA256

356e56ae32b43f0f755e99e6b7042ca1bafab49f40cbfe92c10db52f21a8e08a
SHA512

7dcecae646c6e96790f4aee829ee698dc9cb5a8343381836ab8e0a3739e4ac0964a5650c9921bdcb8ec42964d5bbdace32a86e5c13a541dbbe5e999a2c8123d3
SSDEEP

24576:Qsq9HhhyEJ1rcu/5wPhT/iN+iWoTMTlSv/GsH6iBSWXS:Q1hhyKFcxQMQYTsv9RSWXS

Score

10^/10

berm not_berm taggie_berm_you_are_it

Malware Config

Targets

- Target
  
  stubbie.exe
- Size
  
  1.9MB
- MD5
  
  d76160184cd34eaead682a998af16d97
- SHA1
  
  34bde9eb28193cfe170c8f0b8730d90b66abae3e
- SHA256
  
  b362b3427c735bc17b0331a6eb3423075defbc2267413e02fd0d8b50639130c0
- SHA512
  
  1b57037a49476a9313a6349fa3790b7557b38085b1aeae2105ae108c696c9b01139ec68f99e543b5a7c33556eea8d8e3f24e8ffed28a2bd5b23d449f149b3b34
- SSDEEP
  
  49152:Tsf8+G3sJ1rb/TQvO90d7HjmAFd4A64nsfJTpfggUCjwf3I2D1:T3r
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

taggie_berm_you_are_itnot_bermberm

behavioral1

behavioral2