General

  • Target

    a8964451f23af0dec9b06a57f43260a0c985ebf69b52be72d9c6aea663680230N.exe

  • Size

    74KB

  • Sample

    241130-fr2zhstpas

  • MD5

    b326ed69c76644a2acad381668be7110

  • SHA1

    6dc0cd02ad41e59942829c6d5fccd95395945254

  • SHA256

    a8964451f23af0dec9b06a57f43260a0c985ebf69b52be72d9c6aea663680230

  • SHA512

    f0d6825af7601f1b5eb7a5f6858ee1b34140a74d40141c130de11be8dc66722d5fa0b70b3d16cb9628614f51db30d0efe9ac85ecdfeb55caca3af76ddd17c4f8

  • SSDEEP

    1536:A8Xsbe+BEOnZglWrVfP8K/Xmg6wFvjT/3ierXT7/LsieOm:AFbX9ZGgX8GXzL3rXTbm
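The digests above are the identifiers a responder uses to confirm that a file pulled from a host or a quarantine store is this sample. The script below is an added example, not part of the sandbox report: it hashes a file in chunks with the four algorithms the report lists and only declares a match when all of them agree, since an MD5 or SHA1 collision alone is not sufficient evidence. The hash values are copied from the report; the file path and the chunk size are assumptions.

```python
# Added example (not part of the sandbox report): verify a file on disk against
# the digests listed in the report before handling or sharing it.
# Standard library only.
import hashlib

# Digests copied from the report's General section.
REPORT_HASHES = {
    "md5": "b326ed69c76644a2acad381668be7110",
    "sha1": "6dc0cd02ad41e59942829c6d5fccd95395945254",
    "sha256": "a8964451f23af0dec9b06a57f43260a0c985ebf69b52be72d9c6aea663680230",
    "sha512": "f0d6825af7601f1b5eb7a5f6858ee1b34140a74d40141c130de11be8dc66722d5fa0b70b3d16cb9628614f51db30d0efe9ac85ecdfeb55caca3af76ddd17c4f8",
}


def digest_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of an in-memory buffer for the four listed algorithms."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def digest_file(path, chunk_size=1 << 20) -> dict:
    """Hash a file in chunks (assumed 1 MiB) so a large sample need not fit in memory."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_hashes(observed: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison; a missing digest counts as a mismatch."""
    return {name: observed.get(name, "").lower() == expected[name].lower()
            for name in expected}


def is_reported_sample(observed: dict, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed digest matches; a weak-algorithm match alone is not enough."""
    return all(compare_hashes(observed, expected).values())


if __name__ == "__main__":
    import sys
    observed = digest_file(sys.argv[1])  # path to the file under investigation (assumed)
    for name, ok in compare_hashes(observed).items():
        print(f"{name:7s} {'MATCH' if ok else 'differs'}  {observed[name]}")
    print("file matches the reported sample" if is_reported_sample(observed)
          else "file does NOT match the reported sample")
```

Run it as `python check_sample.py <file>`; the per-algorithm lines make it obvious when only a weak digest agrees, which is the case that should never be accepted as identification.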

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

The host and paths are shown exactly as extracted from the sample's configuration. The %s, %i, %09u and %02d tokens in the third URL are printf-style format specifiers that the binary fills in at runtime, so that beacon will not appear literally in network traffic; the paths are the stable part to key detections on.
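Because the third C2 URL is a format template rather than a literal, a detection has to turn the printf specifiers into a pattern before it can match the beacon in proxy or web logs. The script below is an added example, not part of the sandbox report: it converts each extracted path into an anchored regular expression (%s becomes a run of non-colon characters, %i and %d a signed integer, %u an unsigned one, and a zero-padded width such as %09u exactly that many digits) and runs the result over constructed proxy log lines. The log layout, the client and server addresses and the beacon field values are all constructed for the example; only the three paths come from the report.

```python
# Added example (not part of the sandbox report): flag HTTP requests whose URI
# matches the Berbew C2 paths extracted from the sample. The host "f" in the
# extracted config is kept as reported and is not used as a match criterion.
import re
from urllib.parse import urlsplit

# Paths copied from the report's C2 list; the third is a printf-style template.
C2_TEMPLATES = [
    "/wcmd.htm",
    "/ppslog.php",
    "/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d",
]

_SPEC = re.compile(r"%(0?)(\d*)([sidu])")


def template_to_regex(template: str) -> re.Pattern:
    """Turn a printf-style URI template into an anchored regex.
    %s -> non-colon run (assumption: the beacon's string fields hold no ':'),
    %i/%d -> signed integer, %u -> unsigned integer,
    a zero flag with a width (e.g. %09u, %02d) -> exactly that many digits."""
    out, pos = [], 0
    for m in _SPEC.finditer(template):
        out.append(re.escape(template[pos:m.start()]))
        zero, width, conv = m.groups()
        if conv == "s":
            out.append(r"[^:]*")
        elif zero and width:
            out.append((r"-?" if conv in "id" else "") + r"\d{%s}" % width)
        else:
            out.append(r"-?\d+" if conv in "id" else r"\d+")
        pos = m.end()
    out.append(re.escape(template[pos:]))
    return re.compile("^" + "".join(out) + "$")


C2_PATTERNS = [template_to_regex(t) for t in C2_TEMPLATES]


def match_c2_uri(url: str):
    """Return the C2 template a URL matches, or None. Literal paths are compared
    on the path alone; the template carrying a query is compared on path+query."""
    parts = urlsplit(url)
    for template, pattern in zip(C2_TEMPLATES, C2_PATTERNS):
        target = parts.path if "?" not in template else parts.path + "?" + parts.query
        if pattern.match(target):
            return template
    return None


# Constructed proxy log lines (not real traffic): "time client server method url".
SAMPLE_LOG = """\
2024-11-30T06:41:02Z 10.0.0.15 203.0.113.7 GET http://203.0.113.7/wcmd.htm
2024-11-30T06:41:03Z 10.0.0.15 203.0.113.7 GET http://203.0.113.7/piplog.php?WIN-PC:5:1:user:000123456:7:06:41:03
2024-11-30T06:41:04Z 10.0.0.22 example.test GET http://example.test/index.php?page=wcmd.htm
2024-11-30T06:41:05Z 10.0.0.15 203.0.113.7 POST http://203.0.113.7/ppslog.php
2024-11-30T06:41:06Z 10.0.0.22 example.test GET http://example.test/piplog.php?not=the-beacon-format
"""


def scan_log(text: str) -> list:
    """Return (client, url, template) for every log line whose URL matches a C2 path."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed or truncated line; skip rather than guess
        client, url = fields[1], fields[4]
        template = match_c2_uri(url)
        if template:
            hits.append((client, url, template))
    return hits


if __name__ == "__main__":
    for client, url, template in scan_log(SAMPLE_LOG):
        print(f"{client} -> {url}  (matches {template})")
```

Keying on the path rather than the host matters here because the extracted host is a placeholder; the third pattern is the most specific of the three, since a request has to carry nine colon-separated fields with a nine-digit and three two-digit numeric fields to match it, which is what separates the beacon from a benign piplog.php lookup.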

Targets

    • Target

      a8964451f23af0dec9b06a57f43260a0c985ebf69b52be72d9c6aea663680230N.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Berbew family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
