Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20250217-en -
resource tags
-
submitted
06/03/2025, 03:59
General
-
Target
69ee73e99671ddf9b3632f03383608e9154cabc44f5fb11b0f2a201b039f9e83.exe
-
Size
472KB
-
MD5
9b4c0a89113dbd6b407fed3ffa93c773
-
SHA1
bb9c7f688e3fc7ebd9fba1e5598e87ac8aa57d31
-
SHA256
69ee73e99671ddf9b3632f03383608e9154cabc44f5fb11b0f2a201b039f9e83
-
SHA512
dcc83a1412d5292be1226e192729a2a469b4837a1c458abe48ce20fa2ac19e4e76399096fad58821a90f5c632de0c714f04b9d9ae114a127da005c4ba5d440fb
-
SSDEEP
3072:H8RinudiP52xx67lLdNiHDoRFMY4x0D/3sEqKPANTVeZbikDIp2:ckgiPA6RjPReYVDkEqXNxC
Score
10/10
Malware Config
Signatures
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\69ee73e99671ddf9b3632f03383608e9154cabc44f5fb11b0f2a201b039f9e83.exe"C:\Users\Admin\AppData\Local\Temp\69ee73e99671ddf9b3632f03383608e9154cabc44f5fb11b0f2a201b039f9e83.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4732 -s 2242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4732 -ip 47321⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
472KB