berbew | 0bbeb29691aa93078a71413d0e4c06ff84e9cea206bf1a4eee03e3af43d4cb03 | Triage

Submit
Reports

Overview

overview

Static

static

034efcc615...11.exe

windows7-x64

034efcc615...11.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

034efcc6151622c2fb8f411edf0b7c11.exe
Size

1.2MB
Sample

240105-sdechsfdc4
MD5

034efcc6151622c2fb8f411edf0b7c11
SHA1

e0fe7c921d2c7f3034b62346073ecd28d0eac63d
SHA256

0bbeb29691aa93078a71413d0e4c06ff84e9cea206bf1a4eee03e3af43d4cb03
SHA512

604182b02b64b491df8f4af83b77b7f887ebda83d08532c1c1dbbc71f439646e5b2418d59d2cdee5c92397c25b4189b5b6b06b583248d919f68b73d92eb3d8d1
SSDEEP

24576:9/Em0BmmvFimm0MTP7hm0BmmvFimm0SGT8P402fo06YE1+91vK3xDWGk4A:94iLiZGT8P4Zfo06h1+91vOaGBA

Score

10^/10

berbew backdoor dropper persistence trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

034efcc6151622c2fb8f411edf0b7c11.exe

Resource

win7-20231215-en

backdoor dropper persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

034efcc6151622c2fb8f411edf0b7c11.exe

Resource

win10v2004-20231215-en

backdoor dropper trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  034efcc6151622c2fb8f411edf0b7c11.exe
- Size
  
  1.2MB
- MD5
  
  034efcc6151622c2fb8f411edf0b7c11
- SHA1
  
  e0fe7c921d2c7f3034b62346073ecd28d0eac63d
- SHA256
  
  0bbeb29691aa93078a71413d0e4c06ff84e9cea206bf1a4eee03e3af43d4cb03
- SHA512
  
  604182b02b64b491df8f4af83b77b7f887ebda83d08532c1c1dbbc71f439646e5b2418d59d2cdee5c92397c25b4189b5b6b06b583248d919f68b73d92eb3d8d1
- SSDEEP
  
  24576:9/Em0BmmvFimm0MTP7hm0BmmvFimm0SGT8P402fo06YE1+91vK3xDWGk4A:94iLiZGT8P4Zfo06h1+91vOaGBA
Score

10^/10

backdoor dropper persistence trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordropperpersistencetrojan

behavioral2

backdoordroppertrojan

© 2018-2025

Terms | Privacy