Overview

overview

10

Static

static

3

f3927522cb...7c.exe

windows7-x64

10

f3927522cb...7c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3927522cbc33f783308e84209e64b58ccac9b081bf8a32961744fa33611777c

  • Size

    59KB

  • Sample

    241121-n9hycswpdn

  • MD5

    965caea3add9727d5279e06f9d4ae449

  • SHA1

    c1672b545aad4ff2889f66078f5a690b61377285

  • SHA256

    f3927522cbc33f783308e84209e64b58ccac9b081bf8a32961744fa33611777c

  • SHA512

    182c300c7d1bf89c1d466a21e7f6eae83fdb372f024344e0b32e498ad249a5f06406c108faabef19166b952f7f21d1731b64cccf2f117476f8bafff27d4f6172

  • SSDEEP

    1536:tTtITSk51Ib6O/ln9LO3tDCiAOENCyVso:txw9yFl9LctDuObeso

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      f3927522cbc33f783308e84209e64b58ccac9b081bf8a32961744fa33611777c

    • Size

      59KB

    • MD5

      965caea3add9727d5279e06f9d4ae449

    • SHA1

      c1672b545aad4ff2889f66078f5a690b61377285

    • SHA256

      f3927522cbc33f783308e84209e64b58ccac9b081bf8a32961744fa33611777c

    • SHA512

      182c300c7d1bf89c1d466a21e7f6eae83fdb372f024344e0b32e498ad249a5f06406c108faabef19166b952f7f21d1731b64cccf2f117476f8bafff27d4f6172

    • SSDEEP

      1536:tTtITSk51Ib6O/ln9LO3tDCiAOENCyVso:txw9yFl9LctDuObeso

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks