Overview

overview

10

Static

static

3

691ee68138...eN.exe

windows7-x64

10

691ee68138...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    691ee68138640174ed4e1bb01e33a539bdd79aac1b722de58b4539873ba997aeN.exe

  • Size

    59KB

  • Sample

    241120-gjjcwasles

  • MD5

    db3d983a186395a731d3f3da45cf7370

  • SHA1

    3826d66b07743002a2d821d98eb80a65ff88d531

  • SHA256

    691ee68138640174ed4e1bb01e33a539bdd79aac1b722de58b4539873ba997ae

  • SHA512

    c795bfc7231f452fb55494a7a9162fa16dc1f7e18c8c7038272c634aa9b5f14e4a8db34ca6b73f875d681f71a7a77bb1d2a5aeb79324b289d46845c08cb27292

  • SSDEEP

    768:Z9fIwXLZzB76aTtOYOlrM8wBvpaqOEErw4ytkArSvkNDUwZ3kZ/1H5j5nf1fZMEf:bgwXVzEat0S8wBvp5nYw4sfZm/NCyVso

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      691ee68138640174ed4e1bb01e33a539bdd79aac1b722de58b4539873ba997aeN.exe

    • Size

      59KB

    • MD5

      db3d983a186395a731d3f3da45cf7370

    • SHA1

      3826d66b07743002a2d821d98eb80a65ff88d531

    • SHA256

      691ee68138640174ed4e1bb01e33a539bdd79aac1b722de58b4539873ba997ae

    • SHA512

      c795bfc7231f452fb55494a7a9162fa16dc1f7e18c8c7038272c634aa9b5f14e4a8db34ca6b73f875d681f71a7a77bb1d2a5aeb79324b289d46845c08cb27292

    • SSDEEP

      768:Z9fIwXLZzB76aTtOYOlrM8wBvpaqOEErw4ytkArSvkNDUwZ3kZ/1H5j5nf1fZMEf:bgwXVzEat0S8wBvp5nYw4sfZm/NCyVso

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks