0b37857c520fd886e93057f44d4b82293932795ba82d6301883fc9b156d05759 | Triage

Sharing

General

Target

Backdoor.Win32.Berbew.pz-0b37857c520fd886e93057f44d4b82293932795ba82d6301883fc9b156d05759N
Size

75KB
Sample

240920-d3t2yawekh
MD5

e7dd187c9caaac3ddec23a5e437355e0
SHA1

d7162c572718d2df5e6e552da12f356e8f014dfa
SHA256

0b37857c520fd886e93057f44d4b82293932795ba82d6301883fc9b156d05759
SHA512

820ec9958f446e8982497c9111e33075c65a43ece29234f21dbbd45992313331d1092f6496ebb45ec200d926165fcb4fef4c3d7616cc9f33da4aa9130557fbc9
SSDEEP

1536:ny03eN/u/LcRqYUfUMeOMGc4WO53q52IrFH:y03osYWUpmWg3qv

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  Backdoor.Win32.Berbew.pz-0b37857c520fd886e93057f44d4b82293932795ba82d6301883fc9b156d05759N
- Size
  
  75KB
- MD5
  
  e7dd187c9caaac3ddec23a5e437355e0
- SHA1
  
  d7162c572718d2df5e6e552da12f356e8f014dfa
- SHA256
  
  0b37857c520fd886e93057f44d4b82293932795ba82d6301883fc9b156d05759
- SHA512
  
  820ec9958f446e8982497c9111e33075c65a43ece29234f21dbbd45992313331d1092f6496ebb45ec200d926165fcb4fef4c3d7616cc9f33da4aa9130557fbc9
- SSDEEP
  
  1536:ny03eN/u/LcRqYUfUMeOMGc4WO53q52IrFH:y03osYWUpmWg3qv
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence