General

  • Target

    533483c23413d2bff1de8f3126cf600e0e1829739aac0e38c863a3965da64eed.exe

  • Size

    94KB

  • Sample

    240522-21x8kscd5x

  • MD5

    23b1faf9f73822e6390379aac93df350

  • SHA1

    9586a92cfc7d9a3df435a1baf67d9e240fde7b48

  • SHA256

    533483c23413d2bff1de8f3126cf600e0e1829739aac0e38c863a3965da64eed

  • SHA512

    cccf1828613c49095cf0440644d2011496ecbb51169ff5aa3e2b8efa7da69f99ccc844ea2d948da337902476cc8dfcc83f47bf9d6c3bd4679790168e81d89eeb

  • SSDEEP

    1536:nnlTe3enfpPoSh8bmpgAcUHW/WmLPHq39KUIC0uGmVJHQj1BEsCOyiKbZ9rQJg:nxnAO4kQWmjH6KU90uGimj1ieybvrx

Malware Config

Targets

    • Target

      533483c23413d2bff1de8f3126cf600e0e1829739aac0e38c863a3965da64eed.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

    Boot or Logon Autostart Execution, T1547 (1)
    Registry Run Keys / Startup Folder, T1547.001 (1)

  • Privilege Escalation

    Boot or Logon Autostart Execution, T1547 (1)
    Registry Run Keys / Startup Folder, T1547.001 (1)

  • Defense Evasion

    Modify Registry, T1112 (1)