General

  • Target

    berelt.exe

  • Size

    1.1MB

  • Sample

    240323-znn32acd44

  • MD5

    18faf390161c83ea7791770af48777bf

  • SHA1

    598e893060602faed849d4bd5f1197ac4f1bdd30

  • SHA256

    2cf1dc9f2885f1f716160c59b09180e42c5ab69e8d3c0a703d51d3a726ca459e

  • SHA512

    0957d35a0983bba292b6c9b82b6aed16028a1040178d574b010c0e2c01b75566bcf6e50fa42b03231ca6536e777346995035e5446c96b2d3b2ccc4ba5671a5ed

  • SSDEEP

    12288:v3pe/tbrFWCztRcnCxj4d9I0CErcJpDvi8wYoyvp:glTkP9TrcJ9i8wY

Targets

    • Target

      berelt.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.
