Overview

overview

10

Static

static

3

d32553eff7...6N.exe

windows7-x64

10

d32553eff7...6N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d32553eff7c2c046724c7a71bbe17a2ef688ccf42c9f9a179ebc556a69cccab6N

  • Size

    59KB

  • Sample

    241022-r5vcdazfpd

  • MD5

    380cedf09fe8be7f3de103aff130c960

  • SHA1

    9a23f128810a0b4bc79e550e98f83d52cf605e6b

  • SHA256

    d32553eff7c2c046724c7a71bbe17a2ef688ccf42c9f9a179ebc556a69cccab6

  • SHA512

    f83209c153836fa790cde968e3010d25cc691bd4e87d4c379e515a4367439ef39ebd15dea4717e1ef0f62bf58b544e49fb9c77a56db60a0a294fbf7b03872e9a

  • SSDEEP

    1536:yZ24jeFQigCzZpb7YqZE/kslpeeIb/MXeNCyVso:8zj45zZphE8UPIb/MXteso

Score
10/10
berbewbruteratelbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      d32553eff7c2c046724c7a71bbe17a2ef688ccf42c9f9a179ebc556a69cccab6N

    • Size

      59KB

    • MD5

      380cedf09fe8be7f3de103aff130c960

    • SHA1

      9a23f128810a0b4bc79e550e98f83d52cf605e6b

    • SHA256

      d32553eff7c2c046724c7a71bbe17a2ef688ccf42c9f9a179ebc556a69cccab6

    • SHA512

      f83209c153836fa790cde968e3010d25cc691bd4e87d4c379e515a4367439ef39ebd15dea4717e1ef0f62bf58b544e49fb9c77a56db60a0a294fbf7b03872e9a

    • SSDEEP

      1536:yZ24jeFQigCzZpb7YqZE/kslpeeIb/MXeNCyVso:8zj45zZphE8UPIb/MXteso

    Score
    10/10
    berbewbackdoordiscoverypersistencebruteratel

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Brute Ratel C4

      A customized command and control framework for red teaming and adversary simulation.

      backdoorbruteratel

    • Detect BruteRatel badger

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks