General

  • Target

    a295dda5c36b2e4071c4a6812f2c20641f9cfb382b4eb42a94f769b0b53812cd.exe

  • Size

    640KB

  • Sample

    240524-em282sce2w

  • MD5

    22a508deb8c6275968a533c6b88dee20

  • SHA1

    59697aac95397be6d51a4d62df18fb54cd986bbf

  • SHA256

    a295dda5c36b2e4071c4a6812f2c20641f9cfb382b4eb42a94f769b0b53812cd

  • SHA512

    cf0943c8d079932bfb3db32fccc329f5a90683404876ef66972b86deb35629cb88bec03f07bc251bcf39ad647097edbacd87763d027569441101becc0222de06

  • SSDEEP

    12288:VQdXHaINIVIIVy2oIvPKiK13fS2hEYM9RIPk:qdXHfNIVIIVy2jU13fS2hEYM9RIPk

Malware Config

Targets

    • Target

      a295dda5c36b2e4071c4a6812f2c20641f9cfb382b4eb42a94f769b0b53812cd.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks