berbew | 0008f88c6ee4a572bc7ccc3bc6779ecc[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0008f88c6ee4a572bc7ccc3bc6779ecc.exe
Size

1.4MB
MD5

0008f88c6ee4a572bc7ccc3bc6779ecc
SHA1

e55a15e706e27641e579a2d6389843279a44b144
SHA256

c2757ab874313790bd631e2043cb869551bc4e64411d76fe0faf981327b207db
SHA512

43e375c163c9a73d7fa0498db9a7f3f59c06d8e54607e1dc83f549eec8a08a416d00a7ef1289e106354c057148fda3d3d1f2d33cf00c8a33a0dddb93d164b40b
SSDEEP

24576:+aJCzXjOYWHW2Ph2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZHp3oWNg:+aJYXjOYWHW4bazR0vKLXZHg

Score

10^/10

backdoor trojan dropper berbew

Malware Config

Signatures

Berbew family
berbew

Malware Dropper & Backdoor - Berbew 1 IoCs

Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

backdoor trojan dropper

resource	yara_rule
sample	family_berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0008f88c6ee4a572bc7ccc3bc6779ecc.exe

Files

0008f88c6ee4a572bc7ccc3bc6779ecc.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.rdata Size: 45KB - Virtual size: 45KB

.pdata Size: - Virtual size: 122KB

.text Size: 12KB - Virtual size: 12KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.text Size: 9KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.data Size: 9KB - Virtual size: 12KB

.text Size: 9KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.rdata
Size: 45KB - Virtual size: 45KB

.pdata
Size: - Virtual size: 122KB

.text
Size: 12KB - Virtual size: 12KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 12KB

.text
Size: 9KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB