Overview

overview

10

Static

static

10

0b1a7fc208...5e.exe

windows7-x64

10

0b1a7fc208...5e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b1a7fc2087d9577f7c35a94ad7fcb641ae77a0f8e9bf9c21be075a012bf955e.exe

  • Size

    108KB

  • Sample

    240521-zhwkxshh6y

  • MD5

    0c49c2c2dcff67ca691babc79f68b280

  • SHA1

    30f7c93f0c5fa03d2b6d337e8e1e7c075fec7486

  • SHA256

    0b1a7fc2087d9577f7c35a94ad7fcb641ae77a0f8e9bf9c21be075a012bf955e

  • SHA512

    821e543ca28750d00b08ebbfa51d167921064d72a93eaf704a6a497ba71ccd87868d4e02396d24afe29d1b69a27cf30045a2f5fc70e54f53e5862db82a5d3681

  • SSDEEP

    3072:VkNKM783Ru7NYMOVUjmOiBn3w8BdTj2h3K:6y+i6jVu3w8BdTj2VK

Score
10/10
berbewbackdoordropperpersistencetrojan

Malware Config

Targets

    • Target

      0b1a7fc2087d9577f7c35a94ad7fcb641ae77a0f8e9bf9c21be075a012bf955e.exe

    • Size

      108KB

    • MD5

      0c49c2c2dcff67ca691babc79f68b280

    • SHA1

      30f7c93f0c5fa03d2b6d337e8e1e7c075fec7486

    • SHA256

      0b1a7fc2087d9577f7c35a94ad7fcb641ae77a0f8e9bf9c21be075a012bf955e

    • SHA512

      821e543ca28750d00b08ebbfa51d167921064d72a93eaf704a6a497ba71ccd87868d4e02396d24afe29d1b69a27cf30045a2f5fc70e54f53e5862db82a5d3681

    • SSDEEP

      3072:VkNKM783Ru7NYMOVUjmOiBn3w8BdTj2h3K:6y+i6jVu3w8BdTj2VK

    Score
    10/10
    backdoordropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

      backdoortrojandropper

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks