berbew | 62f264f89de189afb9c22b0ead502592a7741714b471f2a9674e2db00c2864ca | Triage

Submit
Reports

Overview

overview

Static

static

f35fc965da...e5.exe

windows7-x64

f35fc965da...e5.exe

windows10-2004-x64

Sharing

General

Target

f35fc965da43658733a53afbedccb1e5.exe
Size

3.7MB
Sample

231126-lrtk2age46
MD5

f35fc965da43658733a53afbedccb1e5
SHA1

91abe9bed39bdf5e8b6dd5e72337badae6b132a4
SHA256

62f264f89de189afb9c22b0ead502592a7741714b471f2a9674e2db00c2864ca
SHA512

6de2c0f9ed444564517e816a93f33806724d1e6a293f987c8fa232a9f2ec4510ae6501d2a93da1e2d807db279379edd7275cd264cb98ec5445a07de5907d4715
SSDEEP

49152:1CZ6Gnh6HaSHFaZRBEYyqmS2DiHPKQgm:YZ6Gnh6HaSHFaZRBEYyqmS2DiHPKQgm

Score

10^/10

berbew dropper persistence trojan

Static task

static1

persistence dropper trojan berbew

3 signatures

Behavioral task

behavioral1

Sample

f35fc965da43658733a53afbedccb1e5.exe

Resource

win7-20231023-en

dropper persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f35fc965da43658733a53afbedccb1e5.exe

Resource

win10v2004-20231020-en

dropper persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f35fc965da43658733a53afbedccb1e5.exe
- Size
  
  3.7MB
- MD5
  
  f35fc965da43658733a53afbedccb1e5
- SHA1
  
  91abe9bed39bdf5e8b6dd5e72337badae6b132a4
- SHA256
  
  62f264f89de189afb9c22b0ead502592a7741714b471f2a9674e2db00c2864ca
- SHA512
  
  6de2c0f9ed444564517e816a93f33806724d1e6a293f987c8fa232a9f2ec4510ae6501d2a93da1e2d807db279379edd7275cd264cb98ec5445a07de5907d4715
- SSDEEP
  
  49152:1CZ6Gnh6HaSHFaZRBEYyqmS2DiHPKQgm:YZ6Gnh6HaSHFaZRBEYyqmS2DiHPKQgm
Score

10^/10

dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Backdoor - Berbew
  Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
  persistence dropper trojan
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

persistencedroppertrojanberbew

behavioral1

dropperpersistencetrojan

behavioral2

dropperpersistencetrojan

© 2018-2024

Terms | Privacy