General

  • Target: 9044d420f25eabde1ab94345faa44111c002969da42621ba789abefaa27051bdN

  • Size: 160KB

  • Sample: 241107-jm5fmaxnf1

  • MD5: 59d151066b98b1b8a5997e0b0ab83560

  • SHA1: 83c6f4bc7275a2a72735c1972f5aa42397219fa6

  • SHA256: 9044d420f25eabde1ab94345faa44111c002969da42621ba789abefaa27051bd

  • SHA512: 06f0e7b306a924b11ffdc3ac4870a90b03ad030b380ed7beb3fcabc01ceb020da765ec925826a2c47a26850bcbe6036f68fc65d4f88ff9ff08f2c8e416177e92

  • SSDEEP: 3072:wxuNCFq9V0F7IUze7j+j6+JB8M6m9jqLsFmsdYXmLZ:2jg4I1j+j6MB8MhjwszeXmF

Malware Config

Extracted

Family

berbew

C2

http://crutop.nu/index.php

http://devx.nm.ru/index.php

http://ros-neftbank.ru/index.php

http://master-x.com/index.php

http://www.redline.ru/index.php

http://cvv.ru/index.php

http://hackers.lv/index.php

http://fethard.biz/index.php

http://crutop.ru/index.php

http://kaspersky.ru/index.php

http://color-bank.ru/index.php

http://adult-empire.com/index.php

http://virus-list.com/index.php

http://trojan.ru/index.php

http://xware.cjb.net/index.htm

http://konfiskat.org/index.htm

http://parex-bank.ru/index.htm

http://fethard.biz/index.htm

http://ldark.nm.ru/index.htm

http://gaz-prom.ru/index.htm

Targets

    • Target: 9044d420f25eabde1ab94345faa44111c002969da42621ba789abefaa27051bdN


    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Berbew family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks