berbew | c797054c278c6fb8d4e0d3fe77231faa[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

c797054c278c6fb8d4e0d3fe77231faa.exe
Size

141KB
MD5

c797054c278c6fb8d4e0d3fe77231faa
SHA1

09c40e9e23f59e1826b182f33eccd1cfb3191ea8
SHA256

0d5703d0b4b4473b4bef1981e6f9d0071d88f685ef43477f331cd8abf1a646d1
SHA512

1e954b10656edcd891873b991d1df0266e6b3103079a46301cb319e6edff5df895e1fbd3b5bd0bd9d911ede8c3e20fcb3ec61dbeba4c9a1482983e6148eb7343
SSDEEP

3072:D+DAN0hj6VKV8yBumFuwQ9bGCmBJFWpoPSkGFj/p7sW0l:D+K0hjSK+yZFuN9bGCKJFtE/JK

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c797054c278c6fb8d4e0d3fe77231faa.exe

Files

c797054c278c6fb8d4e0d3fe77231faa.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 31KB - Virtual size: 31KB

.rsrc Size: - Virtual size: 132KB

.data Size: 12KB - Virtual size: 12KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.text Size: 4KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 8KB

.text Size: 4KB - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

.text
Size: 31KB - Virtual size: 31KB

.rsrc
Size: - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 12KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB