Overview

overview

10

Static

static

3

4ed6f24629...aN.exe

windows7-x64

10

4ed6f24629...aN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4ed6f246295e0fd33a3224f1e9e73b8efc9cb965b4994ecf6830db2860ef268aN.exe

  • Size

    60KB

  • Sample

    250120-k2xj1askak

  • MD5

    e879e6c3017f1c97039cc8c2da2e46b0

  • SHA1

    be8f2dac2e9a8ff01cc3f4e4960014c8e166b4db

  • SHA256

    4ed6f246295e0fd33a3224f1e9e73b8efc9cb965b4994ecf6830db2860ef268a

  • SHA512

    9d8e7cbac70424ad3d0ec7e3fbcc005d012e7e8f03eed7ddbfab320b1c8f02b837d88de2de59c4b41631cd97a79983ddab59a69814b88a7c911b7342ef2d1238

  • SSDEEP

    1536:De6c1LIc1rKu9ElSdsYlZoNpAq3Vr/gtweEZ3Y5B86l1rU:S6uIc1rKu9El6sHAWVTgtwxZ3YB86l1Y

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      4ed6f246295e0fd33a3224f1e9e73b8efc9cb965b4994ecf6830db2860ef268aN.exe

    • Size

      60KB

    • MD5

      e879e6c3017f1c97039cc8c2da2e46b0

    • SHA1

      be8f2dac2e9a8ff01cc3f4e4960014c8e166b4db

    • SHA256

      4ed6f246295e0fd33a3224f1e9e73b8efc9cb965b4994ecf6830db2860ef268a

    • SHA512

      9d8e7cbac70424ad3d0ec7e3fbcc005d012e7e8f03eed7ddbfab320b1c8f02b837d88de2de59c4b41631cd97a79983ddab59a69814b88a7c911b7342ef2d1238

    • SSDEEP

      1536:De6c1LIc1rKu9ElSdsYlZoNpAq3Vr/gtweEZ3Y5B86l1rU:S6uIc1rKu9El6sHAWVTgtwxZ3YB86l1Y

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks