Overview

overview

10

Static

static

3

eb34934097...47.exe

windows7-x64

10

eb34934097...47.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb34934097d3d51ea2b023e4bdfbb033da7d6c2acd101456f636702df624c847

  • Size

    96KB

  • Sample

    241121-m56m7a1cqa

  • MD5

    91f4e86dccef4b5908f31c31da10564e

  • SHA1

    f2ead30ebdd9090c55ab7b2aca18e45e53b55fd2

  • SHA256

    eb34934097d3d51ea2b023e4bdfbb033da7d6c2acd101456f636702df624c847

  • SHA512

    88fc8ca730aa9cf39b82739853e7f03169dda103c1170f909bf4f076615a96b0be4c4427578ad6c6f38748eb7b9919488f091247943f14a50da3a687ef51e530

  • SSDEEP

    1536:NwE7oyMtMbp/njZR8lfS1BF00u3OdM6ni5XbXwXDduV9jojTIvjrV:iE2W/jZRB1BuOPwzwTd69jc0vd

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      eb34934097d3d51ea2b023e4bdfbb033da7d6c2acd101456f636702df624c847

    • Size

      96KB

    • MD5

      91f4e86dccef4b5908f31c31da10564e

    • SHA1

      f2ead30ebdd9090c55ab7b2aca18e45e53b55fd2

    • SHA256

      eb34934097d3d51ea2b023e4bdfbb033da7d6c2acd101456f636702df624c847

    • SHA512

      88fc8ca730aa9cf39b82739853e7f03169dda103c1170f909bf4f076615a96b0be4c4427578ad6c6f38748eb7b9919488f091247943f14a50da3a687ef51e530

    • SSDEEP

      1536:NwE7oyMtMbp/njZR8lfS1BF00u3OdM6ni5XbXwXDduV9jojTIvjrV:iE2W/jZRB1BuOPwzwTd69jc0vd

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks