General

  • Target

    TrojanDownloader.Win32.Berbew.pz-333227401cd7e64c4b7a089179378388e27772f9875a3f76a680d53eaf43697eN

  • Size

    59KB

  • Sample

    240916-nn5v1avflg

  • MD5

    1cff79f9b39b7d34342e536c6a102830

  • SHA1

    3083a74c656f4a37207cb6ee2520e0b42618efa3

  • SHA256

    333227401cd7e64c4b7a089179378388e27772f9875a3f76a680d53eaf43697e

  • SHA512

    d9bf9cc4eed7556c30abcb5fa5f2ef1fa755dfb33a2507ff6284c29c458ed12a5665fbab58be92a3a7f9f76613e1a4adf1c54c0d7b82f7616642646203fdb9f5

  • SSDEEP

    768:9klMSAyz4MhMB7gGyFalZZ2wO+7Pa5MYqZ/1H595nf1fZMEBFELvkVgFRo:9kl7A64MhMBEZalZZ5W5E9NCyVso

Targets

    • Target

      TrojanDownloader.Win32.Berbew.pz-333227401cd7e64c4b7a089179378388e27772f9875a3f76a680d53eaf43697eN

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
