Overview

overview

10

Static

static

3

6c2c5edeea...4N.exe

windows7-x64

10

6c2c5edeea...4N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c2c5edeeae7bded366fa7f7e9e14fe0ea69f367f44143401ca2a07eb8cdbac4N

  • Size

    59KB

  • Sample

    240919-gp4k1avajq

  • MD5

    49d918bb698313c2f30e79c449c25ed0

  • SHA1

    7d54d7a8f89bf1aa309636c02b83dcf0b9930de9

  • SHA256

    6c2c5edeeae7bded366fa7f7e9e14fe0ea69f367f44143401ca2a07eb8cdbac4

  • SHA512

    3b1a7841c6637aa347801f13ace41b9abbce6fc61dbc8efe8d3198f0e7bf75c69b15ad846e58024bdb5160fde72a2604830fb4b17d69c9c0709f4edf5308e1d2

  • SSDEEP

    768:JTs7OwIX3yw2KbToPH355FpV2pJDSSV7tTjOFgeST3sUOfZ/1H5k5nf1fZMEBFEI:JTs7OwYCLKwx2pJFzmFEAraNCyVso

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      6c2c5edeeae7bded366fa7f7e9e14fe0ea69f367f44143401ca2a07eb8cdbac4N

    • Size

      59KB

    • MD5

      49d918bb698313c2f30e79c449c25ed0

    • SHA1

      7d54d7a8f89bf1aa309636c02b83dcf0b9930de9

    • SHA256

      6c2c5edeeae7bded366fa7f7e9e14fe0ea69f367f44143401ca2a07eb8cdbac4

    • SHA512

      3b1a7841c6637aa347801f13ace41b9abbce6fc61dbc8efe8d3198f0e7bf75c69b15ad846e58024bdb5160fde72a2604830fb4b17d69c9c0709f4edf5308e1d2

    • SSDEEP

      768:JTs7OwIX3yw2KbToPH355FpV2pJDSSV7tTjOFgeST3sUOfZ/1H5k5nf1fZMEBFEI:JTs7OwYCLKwx2pJFzmFEAraNCyVso

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks