Backdoor[.]Win32[.]Berbew[.]AA[.]MTB-3f02454e27f352f65b825178820e7baa64cc131c8dd5e290aafd2ac416231390N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Backdoor.Win32.Berbew.AA.MTB-3f02454e27f352f65b825178820e7baa64cc131c8dd5e290aafd2ac416231390N
Size

57KB
MD5

970d312e6b540df015559c7c3dd01cb0
SHA1

6daa014f7c3dd3ef703fae6b549888dafc363883
SHA256

3f02454e27f352f65b825178820e7baa64cc131c8dd5e290aafd2ac416231390
SHA512

97f3d1319c9e1cb8c34d5172898d5a80a223762ec22aaab1608ca8d1f8ad312ca3b12ea09cfe6c057983bece6362b38efe638c2e40a3f2772d02be3edde71e62
SSDEEP

1536:E1irYVCVrxUvAl/XWV5gCAmQq7IJdD4q0j:E1b3vY/XE5gxSU4qI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Backdoor.Win32.Berbew.AA.MTB-3f02454e27f352f65b825178820e7baa64cc131c8dd5e290aafd2ac416231390N

Files

Backdoor.Win32.Berbew.AA.MTB-3f02454e27f352f65b825178820e7baa64cc131c8dd5e290aafd2ac416231390N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fldo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.l1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ