Overview

overview

10

Static

static

3

760d21a263...93.exe

windows7-x64

10

760d21a263...93.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    760d21a26310768dda5ed9f2de97b4d8b25451e0e66b43bfeb9b2df8f44cf493

  • Size

    88KB

  • Sample

    250306-fk381azk19

  • MD5

    075ab501e8110909d97fa2650de70182

  • SHA1

    ba9f83401f4cadd10c313a1d31d32fa9cd9b17d6

  • SHA256

    760d21a26310768dda5ed9f2de97b4d8b25451e0e66b43bfeb9b2df8f44cf493

  • SHA512

    a04d511f01703a79ad612615e9fd23cecd1d7b719f6516985605ac0f111a83d58e21fb754dd12792459392a84c61d955a97cd8078f76cd93217563b44a497cfb

  • SSDEEP

    1536:N3nV0uMpu1D100QEylcrfqO2k+169UH3AfI4zgv2lX+/CTDG+xn:r0b01D3Q5lcrSc+169UXm9UOlcCTS+1

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      760d21a26310768dda5ed9f2de97b4d8b25451e0e66b43bfeb9b2df8f44cf493

    • Size

      88KB

    • MD5

      075ab501e8110909d97fa2650de70182

    • SHA1

      ba9f83401f4cadd10c313a1d31d32fa9cd9b17d6

    • SHA256

      760d21a26310768dda5ed9f2de97b4d8b25451e0e66b43bfeb9b2df8f44cf493

    • SHA512

      a04d511f01703a79ad612615e9fd23cecd1d7b719f6516985605ac0f111a83d58e21fb754dd12792459392a84c61d955a97cd8078f76cd93217563b44a497cfb

    • SSDEEP

      1536:N3nV0uMpu1D100QEylcrfqO2k+169UH3AfI4zgv2lX+/CTDG+xn:r0b01D3Q5lcrSc+169UXm9UOlcCTS+1

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks