General

  • Target

    TrojanDownloader.Win32.Berbew.pz-a9b1be3a089540a32c0274d27e4b3829b622f0b244f3dfeab735d38f4c50cce6N

  • Size

    59KB

  • Sample

    240916-nh3hpavdlq

  • MD5

    09aaeef252e2b28cc2b4e19b15870b00

  • SHA1

    6b9871114eaa7f26828f73f8a7897499462ac326

  • SHA256

    a9b1be3a089540a32c0274d27e4b3829b622f0b244f3dfeab735d38f4c50cce6

  • SHA512

    96ceb720be1f3eac36a4204e30e0358861a35fb6d16f80b7708070efa997a98c8cc0c99f88866ad289c3967df110ed0e65fe5d1deb042801bf3520aa518be740

  • SSDEEP

    768:9eBpfhlV+s1R42GU/rYA31HTa2abxN+e1nzPPRX4Z/1H5w5nf1fZMEBFELvkVgFR:9eBpV+s1q2d/r/35TkN+e1MuNCyVs

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks