Overview

overview

10

Static

static

3

4f990ecc01...48.exe

windows7-x64

10

4f990ecc01...48.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4f990ecc01cfc06850d3027ed630d8da07c2fed7b23153f72377e41e2d356748

  • Size

    59KB

  • Sample

    250306-btlyvsvnx7

  • MD5

    9248dd9a8ebd43f91db28aaf9141daa2

  • SHA1

    b54fbbefba0e1eaadad4755f704092f1e7c287e8

  • SHA256

    4f990ecc01cfc06850d3027ed630d8da07c2fed7b23153f72377e41e2d356748

  • SHA512

    a1c87464ba1d2d75db5f63e238e4d494a2e7eba1c0a1a67508eb91339dce10bb319e6ca82d541939401019d7b73a798fc5cc5ada4d069f2a6c36e8c5741f9e45

  • SSDEEP

    768:S21j5sZBwAU3xI0JYYNIs2KfRZgb5INSdmuZ/1H59j5nf1fZMEBFELvkVgFRo:91j5sQfYAIU0INSdmUvNNCyVso

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      4f990ecc01cfc06850d3027ed630d8da07c2fed7b23153f72377e41e2d356748

    • Size

      59KB

    • MD5

      9248dd9a8ebd43f91db28aaf9141daa2

    • SHA1

      b54fbbefba0e1eaadad4755f704092f1e7c287e8

    • SHA256

      4f990ecc01cfc06850d3027ed630d8da07c2fed7b23153f72377e41e2d356748

    • SHA512

      a1c87464ba1d2d75db5f63e238e4d494a2e7eba1c0a1a67508eb91339dce10bb319e6ca82d541939401019d7b73a798fc5cc5ada4d069f2a6c36e8c5741f9e45

    • SSDEEP

      768:S21j5sZBwAU3xI0JYYNIs2KfRZgb5INSdmuZ/1H59j5nf1fZMEBFELvkVgFRo:91j5sQfYAIU0INSdmUvNNCyVso

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks