Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20250217-en -
resource tags
-
submitted
06/03/2025, 06:40
General
-
Target
8c386792198fdfcba17fddee623a14fa88b6ff39f108a36545ddd2a47bcf9614.exe
-
Size
472KB
-
MD5
6bd2cf704bbe454fff278fc099220e81
-
SHA1
eee4a3292bc7aed16d92031b52d1e330afc088f0
-
SHA256
8c386792198fdfcba17fddee623a14fa88b6ff39f108a36545ddd2a47bcf9614
-
SHA512
de01ee1ac12059e60d6add9500ed82e0abf85a1dc0ba83f4d3d19c22ed18e084c60569e029f6581decffde935db3c532eb316165df3519cb5c741e75ebe131af
-
SSDEEP
3072:uSaE8RinudiP52xx67lLdwiHDosSanSa4bbbm1XLbwJX/qJM+40:uSaBkgiPA6R6PsSanSaibDJDJ0
Score
10/10
Malware Config
Signatures
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\8c386792198fdfcba17fddee623a14fa88b6ff39f108a36545ddd2a47bcf9614.exe"C:\Users\Admin\AppData\Local\Temp\8c386792198fdfcba17fddee623a14fa88b6ff39f108a36545ddd2a47bcf9614.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4984 -s 2242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4984 -ip 49841⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
472KB