berbew | bd69b34ac08dab64e453aee9cd92385fc208595749c0eb1346c18025c7cc5e4f | Triage

Sharing

General

Target

bd69b34ac08dab64e453aee9cd92385fc208595749c0eb1346c18025c7cc5e4f
Size

226KB
Sample

241121-hl8k8azgkl
MD5

ede230807aef39a93abcfd4c7c5306b1
SHA1

bc92049c27917cd55f31d4b5e7ec548a912dc13e
SHA256

bd69b34ac08dab64e453aee9cd92385fc208595749c0eb1346c18025c7cc5e4f
SHA512

bffc6ca426a96ac6823cfe22a7cc6722f771ff27f3c5f42d7d0f31ae804cd4549422307abf1e1b5268cd4e3fc9e8faebfd7c9b1dc4ec53bdedbbcf444be957a7
SSDEEP

6144:/OBbGuRz44yRXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:WBTiF5IKrEAlnLAg

Score

10^/10

berbew backdoor discovery

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

- Target
  
  bd69b34ac08dab64e453aee9cd92385fc208595749c0eb1346c18025c7cc5e4f
- Size
  
  226KB
- MD5
  
  ede230807aef39a93abcfd4c7c5306b1
- SHA1
  
  bc92049c27917cd55f31d4b5e7ec548a912dc13e
- SHA256
  
  bd69b34ac08dab64e453aee9cd92385fc208595749c0eb1346c18025c7cc5e4f
- SHA512
  
  bffc6ca426a96ac6823cfe22a7cc6722f771ff27f3c5f42d7d0f31ae804cd4549422307abf1e1b5268cd4e3fc9e8faebfd7c9b1dc4ec53bdedbbcf444be957a7
- SSDEEP
  
  6144:/OBbGuRz44yRXfxqySSKpRmSKeTk7eT5ABrnL8MdYg:WBTiF5IKrEAlnLAg
Score

10^/10

berbew backdoor discovery
- Berbew
  Berbew is a backdoor written in C++.
  backdoor berbew
- Berbew family
  berbew
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

berbewbackdoordiscovery