Analysis
-
max time kernel
94s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
25-12-2024 16:07
General
-
Target
198f10d2baa319399f46d8f7f744ca20e4c6ea92e923d5479487814fe4cd050a.exe
-
Size
472KB
-
MD5
ae748f95544c0fe2c489d17a87ee1c0b
-
SHA1
ea8cee9b5a9c7b1c1d18572f20d17f6bdf79c08a
-
SHA256
198f10d2baa319399f46d8f7f744ca20e4c6ea92e923d5479487814fe4cd050a
-
SHA512
6efc6b0c618a8cf17e96d40f6b83e348b071b3a5cb11087a38ab0632d0337b1c3b51eedb0daeb21e58ea38d65e4e6f5dc3963ef9c9b81130a466633093a0daba
-
SSDEEP
3072:08RinudiP52xx67lLdQiHDo0+i+kCsX/d4Gl2MUkLoXoR:RkgiPA6R+P7ifCs14GsMUk3R
Score
10/10
Malware Config
Signatures
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\198f10d2baa319399f46d8f7f744ca20e4c6ea92e923d5479487814fe4cd050a.exe"C:\Users\Admin\AppData\Local\Temp\198f10d2baa319399f46d8f7f744ca20e4c6ea92e923d5479487814fe4cd050a.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3868 -s 2242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3868 -ip 38681⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
472KB