Overview

overview

10

Static

static

3

7f59273f19...e2.exe

windows7-x64

10

7f59273f19...e2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7f59273f1960821d979fcfbe10f609bd817fba6bb5cb4dce35b0ccc61de677e2

  • Size

    74KB

  • Sample

    241208-alt4tsxlfj

  • MD5

    59530e8b41918391a74977691c81f6fe

  • SHA1

    fbc1468f331a890b61d8fd365ae66439ae119a1d

  • SHA256

    7f59273f1960821d979fcfbe10f609bd817fba6bb5cb4dce35b0ccc61de677e2

  • SHA512

    675e83c9200b3536c7958e8c6936207fca0696b7b07690c5f43b42a5fa6820ebc1c1b1a357ed94c7f40a7bf40863454d1df278e6fe4d5bae60b7bdeb5d45f9dd

  • SSDEEP

    1536:67F3fHzFPYIPdBdZxXtCoRs0CL9w9Oq5u3IWkIHm5BOqtX:67hfFJbdCb9w9Oq5u37ABdtX

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      7f59273f1960821d979fcfbe10f609bd817fba6bb5cb4dce35b0ccc61de677e2

    • Size

      74KB

    • MD5

      59530e8b41918391a74977691c81f6fe

    • SHA1

      fbc1468f331a890b61d8fd365ae66439ae119a1d

    • SHA256

      7f59273f1960821d979fcfbe10f609bd817fba6bb5cb4dce35b0ccc61de677e2

    • SHA512

      675e83c9200b3536c7958e8c6936207fca0696b7b07690c5f43b42a5fa6820ebc1c1b1a357ed94c7f40a7bf40863454d1df278e6fe4d5bae60b7bdeb5d45f9dd

    • SSDEEP

      1536:67F3fHzFPYIPdBdZxXtCoRs0CL9w9Oq5u3IWkIHm5BOqtX:67hfFJbdCb9w9Oq5u37ABdtX

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks