Overview

overview

10

Static

static

3

e34367d9ce...19.exe

windows7-x64

10

e34367d9ce...19.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e34367d9ce0735c755e1419dda2d3f1a45c13a4a5c013ba27e8d886a8d8fb419

  • Size

    94KB

  • Sample

    241006-d8et7s1gpn

  • MD5

    265682af3456131290ab255235d93194

  • SHA1

    cf5b64ed6f45f7f46366a2e5695642a914e9e009

  • SHA256

    e34367d9ce0735c755e1419dda2d3f1a45c13a4a5c013ba27e8d886a8d8fb419

  • SHA512

    5da963abc0e0ec39cd62700e4b34d05f4a07f7dfb8b9443b09a3ccf81cf187c14e2e100cca2602cdaca1e0a268efdc5d01560fb471991e5c0ff0c9f7326db34b

  • SSDEEP

    1536:pHFlgFyteGV735BzEUDVBL0PrwZ4KQ78KbeSLGIfCOUY+0zv47BR9L4DT2EnINs:tKWr9bJZMwFIxDLGIfIdwg6+ob

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      e34367d9ce0735c755e1419dda2d3f1a45c13a4a5c013ba27e8d886a8d8fb419

    • Size

      94KB

    • MD5

      265682af3456131290ab255235d93194

    • SHA1

      cf5b64ed6f45f7f46366a2e5695642a914e9e009

    • SHA256

      e34367d9ce0735c755e1419dda2d3f1a45c13a4a5c013ba27e8d886a8d8fb419

    • SHA512

      5da963abc0e0ec39cd62700e4b34d05f4a07f7dfb8b9443b09a3ccf81cf187c14e2e100cca2602cdaca1e0a268efdc5d01560fb471991e5c0ff0c9f7326db34b

    • SSDEEP

      1536:pHFlgFyteGV735BzEUDVBL0PrwZ4KQ78KbeSLGIfCOUY+0zv47BR9L4DT2EnINs:tKWr9bJZMwFIxDLGIfIdwg6+ob

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks