Overview

overview

10

Static

static

3

b7bfedd2f0...65.exe

windows7-x64

10

b7bfedd2f0...65.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7bfedd2f0dd53a2db7480ec798c1bba697daf3513c9246426971d5d9ad2b965

  • Size

    73KB

  • Sample

    250306-lvxf4avybz

  • MD5

    3b8a12b482dfe7e603a2204acfd8a3a8

  • SHA1

    e0e90ee850e486bc8e3e0275b44215217e165606

  • SHA256

    b7bfedd2f0dd53a2db7480ec798c1bba697daf3513c9246426971d5d9ad2b965

  • SHA512

    a937494623f445f352647bcfe7b5a06ea1e4f7a6fd603cf0a4e548f858f65d24d1ce424f887fed4d37c61c69a2a2684f032158e0cd969812e84267dec60f901c

  • SSDEEP

    1536:bg0+2TjxkQs5mlkZY/MFOzvyAjeD6OVdtcsB4Y1T2MGYYSjP:bx+2Hxki6OZGV/RbT2M0QP

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      b7bfedd2f0dd53a2db7480ec798c1bba697daf3513c9246426971d5d9ad2b965

    • Size

      73KB

    • MD5

      3b8a12b482dfe7e603a2204acfd8a3a8

    • SHA1

      e0e90ee850e486bc8e3e0275b44215217e165606

    • SHA256

      b7bfedd2f0dd53a2db7480ec798c1bba697daf3513c9246426971d5d9ad2b965

    • SHA512

      a937494623f445f352647bcfe7b5a06ea1e4f7a6fd603cf0a4e548f858f65d24d1ce424f887fed4d37c61c69a2a2684f032158e0cd969812e84267dec60f901c

    • SSDEEP

      1536:bg0+2TjxkQs5mlkZY/MFOzvyAjeD6OVdtcsB4Y1T2MGYYSjP:bx+2Hxki6OZGV/RbT2M0QP

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks