Analysis
-
max time kernel
93s -
max time network
97s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
08-12-2024 01:00
General
-
Target
a228d13fbee11795606628b73ed93a2aecc89374b175be3d7d326f4aca69a4faN.exe
-
Size
472KB
-
MD5
819e8a8f094e400b48944e21eb7c3970
-
SHA1
59155fe228cec7c3d0cbb17cc02a7f469c25adcc
-
SHA256
a228d13fbee11795606628b73ed93a2aecc89374b175be3d7d326f4aca69a4fa
-
SHA512
21923fc3d165d88415d1054a7fd771495159743e847197524ab41273f87718fcf4b64f8ec10ab0e3b965a3d4473139aeac625fc5a43b023b77e721b1b53cb27d
-
SSDEEP
3072:Us8RinudiP52xx67lLdhiHDowlUkewKuC5kuDFYK654r:+kgiPA6RPPnWKt5kSYyr
Score
10/10
Malware Config
Signatures
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\a228d13fbee11795606628b73ed93a2aecc89374b175be3d7d326f4aca69a4faN.exe"C:\Users\Admin\AppData\Local\Temp\a228d13fbee11795606628b73ed93a2aecc89374b175be3d7d326f4aca69a4faN.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2596 -s 2242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2596 -ip 25961⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
472KB