Overview

overview

10

Static

static

3

8164b68c2f...0N.exe

windows7-x64

10

8164b68c2f...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8164b68c2fb08ccd5c3a4562f01034414142d388eed320c9b522509b00ab85c0N.exe

  • Size

    565KB

  • Sample

    241120-dsl9cazgnk

  • MD5

    f73bafc27afe89da80f3badbb9a8f0a0

  • SHA1

    43b8b12aa43c511927d5c336834a4a5648dc45d6

  • SHA256

    8164b68c2fb08ccd5c3a4562f01034414142d388eed320c9b522509b00ab85c0

  • SHA512

    0201c9fd9d6cc014ebfca365a35f83ad1a199ce5f13c472aeec8046f011ae0f502e2c7afcb746819547cd50438e4938b821daa7c969f1001ec6a9d35929c4a30

  • SSDEEP

    12288:HUgGZtuFjAh//+zrWAIAqWim/+zrWAI5KF8OX:0gGZtuFjAh/mvFimm09OX

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      8164b68c2fb08ccd5c3a4562f01034414142d388eed320c9b522509b00ab85c0N.exe

    • Size

      565KB

    • MD5

      f73bafc27afe89da80f3badbb9a8f0a0

    • SHA1

      43b8b12aa43c511927d5c336834a4a5648dc45d6

    • SHA256

      8164b68c2fb08ccd5c3a4562f01034414142d388eed320c9b522509b00ab85c0

    • SHA512

      0201c9fd9d6cc014ebfca365a35f83ad1a199ce5f13c472aeec8046f011ae0f502e2c7afcb746819547cd50438e4938b821daa7c969f1001ec6a9d35929c4a30

    • SSDEEP

      12288:HUgGZtuFjAh//+zrWAIAqWim/+zrWAI5KF8OX:0gGZtuFjAh/mvFimm09OX

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks