Overview

overview

10

Static

static

3

27b4ade644...0d.exe

windows7-x64

10

27b4ade644...0d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    27b4ade644653f7ff438170c8d29b96545ce4099a50193dcf847034774889d0d

  • Size

    60KB

  • Sample

    250305-11386a1nt9

  • MD5

    0901bd1a12884ea989d0ed7f544b3490

  • SHA1

    3088b34102d10276b4fd842a26af32e0294ffc66

  • SHA256

    27b4ade644653f7ff438170c8d29b96545ce4099a50193dcf847034774889d0d

  • SHA512

    eb3828ac6c3400b8d6e7cae97633cd086aa951cedd6d09abfdaf8140b71b1e85a82af4eca2c4d6bbfef5432462285f89798a9efba7fb3dc132e95ab6d9f14101

  • SSDEEP

    1536:DCqfmFbx51fwLFBZelSPh3XcMD9A9KFoPbZ1t9Cpd2t7B86l1rs:PGloFHeQpncMD9AgoPb59Tt7B86l1rs

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      27b4ade644653f7ff438170c8d29b96545ce4099a50193dcf847034774889d0d

    • Size

      60KB

    • MD5

      0901bd1a12884ea989d0ed7f544b3490

    • SHA1

      3088b34102d10276b4fd842a26af32e0294ffc66

    • SHA256

      27b4ade644653f7ff438170c8d29b96545ce4099a50193dcf847034774889d0d

    • SHA512

      eb3828ac6c3400b8d6e7cae97633cd086aa951cedd6d09abfdaf8140b71b1e85a82af4eca2c4d6bbfef5432462285f89798a9efba7fb3dc132e95ab6d9f14101

    • SSDEEP

      1536:DCqfmFbx51fwLFBZelSPh3XcMD9A9KFoPbZ1t9Cpd2t7B86l1rs:PGloFHeQpncMD9AgoPb59Tt7B86l1rs

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks