Analysis
-
max time kernel
96s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
25-12-2024 20:51
General
-
Target
88eab78877a7e52ce22c31b0849df400603a0c6b821a57e8cc2bb8eeb2fcafe2.exe
-
Size
472KB
-
MD5
2f852df60d2c6c030fefceeebce81866
-
SHA1
38fb18e262e9ffcb6cb1b69ed83a102e09269da6
-
SHA256
88eab78877a7e52ce22c31b0849df400603a0c6b821a57e8cc2bb8eeb2fcafe2
-
SHA512
ad14bcd82025e0607e34142b6ad2488956c753662928dc766930e2eb4d005d0adfe67fb4bba034b09bd4494232a42e22feecf624bd95015b08870cae3bdd7ca6
-
SSDEEP
3072:YL8RinudiP52xx67lLd7iHDo0FA79YFQHyd+vHQNpNo:FkgiPA6RhP1uGf/QN3o
Score
10/10
Malware Config
Signatures
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\88eab78877a7e52ce22c31b0849df400603a0c6b821a57e8cc2bb8eeb2fcafe2.exe"C:\Users\Admin\AppData\Local\Temp\88eab78877a7e52ce22c31b0849df400603a0c6b821a57e8cc2bb8eeb2fcafe2.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 216 -s 1762⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 216 -ip 2161⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
472KB