berbew | c0f3c130444e58e3a78a79673cad593ea3e390396e408328c17171de66280766 | Triage

Sharing

General

Target

c0f3c130444e58e3a78a79673cad593ea3e390396e408328c17171de66280766
Size

59KB
Sample

241212-cz9gsaxmey
MD5

74968a7dc2eb046086f14bc3ec94a6df
SHA1

0f91c6384cc320abaa1c5627824671f690a8f41b
SHA256

c0f3c130444e58e3a78a79673cad593ea3e390396e408328c17171de66280766
SHA512

dc1aa4f56bba3d4e2fd49a5195f39b20a0c698daf9707d96b923dc418871bdea8558fd11e4e9a1db54b3c84da9ae97da3fd9df003a9953e95144f0597f9451eb
SSDEEP

768:xpz0V93fAu1o7/CaU453kS9MFJ98BQtfNTthvZ/1H5s5nf1fZMEBFELvkVgFRo:L0zbaUgjQFfh72NCyVso

Score

10^/10

berbew bruteratel backdoor discovery persistence

Malware Config

Targets

- Target
  
  c0f3c130444e58e3a78a79673cad593ea3e390396e408328c17171de66280766
- Size
  
  59KB
- MD5
  
  74968a7dc2eb046086f14bc3ec94a6df
- SHA1
  
  0f91c6384cc320abaa1c5627824671f690a8f41b
- SHA256
  
  c0f3c130444e58e3a78a79673cad593ea3e390396e408328c17171de66280766
- SHA512
  
  dc1aa4f56bba3d4e2fd49a5195f39b20a0c698daf9707d96b923dc418871bdea8558fd11e4e9a1db54b3c84da9ae97da3fd9df003a9953e95144f0597f9451eb
- SSDEEP
  
  768:xpz0V93fAu1o7/CaU453kS9MFJ98BQtfNTthvZ/1H5s5nf1fZMEBFELvkVgFRo:L0zbaUgjQFfh72NCyVso
Score

10^/10

berbew backdoor discovery persistence bruteratel
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Berbew
  Berbew is a backdoor written in C++.
  backdoor berbew
- Berbew family
  berbew
- Brute Ratel C4
  A customized command and control framework for red teaming and adversary simulation.
  backdoor bruteratel
- Bruteratel family
  bruteratel
- Detect BruteRatel badger
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

berbewbackdoordiscoverypersistence

behavioral2

berbewbruteratelbackdoordiscoverypersistence