berbew | 0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246 | Triage

Submit
Reports

Overview

overview

Static

static

0dfe3d8158...46.exe

windows7-x64

0dfe3d8158...46.exe

windows10-2004-x64

Sharing

General

Target

0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246.exe
Size

282KB
Sample

240521-zqzbsaab93
MD5

1dddabcb33a8af52dbd5d14a31f8bfa0
SHA1

af44bc450e24fa311d34cf1016396e4da3987509
SHA256

0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246
SHA512

f27c767a50c9629c4ef66e0a6a2e337a6b8d40503bd596ac4c1f83e4ae30774b23f00c5e4a57199c3b155d339b13caf8fcebe6cff469444600af84188b07cbf6
SSDEEP

6144:iXu/YXoz+PglGhhx9ebK7mOoS3C+kEjiPISUOgW9X+hOGzC/:GmYXoqPgl+9eaNv3C+kmZzcukG2/

Score

10^/10

berbew backdoor dropper trojan

Static task

static1

backdoor trojan dropper berbew

3 signatures

Behavioral task

behavioral1

Sample

0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246.exe

Resource

win7-20240220-en

backdoor dropper trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246.exe

Resource

win10v2004-20240426-en

backdoor dropper trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246.exe
- Size
  
  282KB
- MD5
  
  1dddabcb33a8af52dbd5d14a31f8bfa0
- SHA1
  
  af44bc450e24fa311d34cf1016396e4da3987509
- SHA256
  
  0dfe3d8158f64c497e62344493f2f6ae5a87be1a4ed09b477cc66e28f3d68246
- SHA512
  
  f27c767a50c9629c4ef66e0a6a2e337a6b8d40503bd596ac4c1f83e4ae30774b23f00c5e4a57199c3b155d339b13caf8fcebe6cff469444600af84188b07cbf6
- SSDEEP
  
  6144:iXu/YXoz+PglGhhx9ebK7mOoS3C+kEjiPISUOgW9X+hOGzC/:GmYXoqPgl+9eaNv3C+kmZzcukG2/
Score

10^/10

backdoor dropper trojan
- Malware Dropper & Backdoor - Berbew
  Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.
  backdoor trojan dropper
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoortrojandropperberbew

behavioral1

backdoordroppertrojan

behavioral2

backdoordroppertrojan

© 2018-2024

Terms | Privacy