Overview

overview

10

Static

static

3

35bf779ed5...fb.exe

windows7-x64

10

35bf779ed5...fb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    35bf779ed58a75b92a6af1fe34864c93742819c8276ba8ce7df745c1653534fb.exe

  • Size

    97KB

  • Sample

    241130-fyv5jsyndr

  • MD5

    d8f0ce5af3880a0798e6d11d4d7c306f

  • SHA1

    53f220e31c2adedd02979a23945b79d778d15623

  • SHA256

    35bf779ed58a75b92a6af1fe34864c93742819c8276ba8ce7df745c1653534fb

  • SHA512

    e85fb5e2f0228c9193c6ac490c0f8aa4fadb46d18470155c60fa5da7591fcdfdad150ccbc9ee017ea11a0f08d1388fb0322ce2ba896ea6c5bf24e9bea2b4e1dd

  • SSDEEP

    1536:362Tt+yk4GRpQJ5gTkX3XClta72XGPPxp3QpvJXeYZO:3BO4GR+J5KkX32A7HhQpJXeKO

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      35bf779ed58a75b92a6af1fe34864c93742819c8276ba8ce7df745c1653534fb.exe

    • Size

      97KB

    • MD5

      d8f0ce5af3880a0798e6d11d4d7c306f

    • SHA1

      53f220e31c2adedd02979a23945b79d778d15623

    • SHA256

      35bf779ed58a75b92a6af1fe34864c93742819c8276ba8ce7df745c1653534fb

    • SHA512

      e85fb5e2f0228c9193c6ac490c0f8aa4fadb46d18470155c60fa5da7591fcdfdad150ccbc9ee017ea11a0f08d1388fb0322ce2ba896ea6c5bf24e9bea2b4e1dd

    • SSDEEP

      1536:362Tt+yk4GRpQJ5gTkX3XClta72XGPPxp3QpvJXeYZO:3BO4GR+J5KkX32A7HhQpJXeKO

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks