berbew | 8179de7271f5ae350335e3960b1bca69c4f9c051b500d04c00296c4c29efe6a3 | Triage

Sharing

General

Target

8179de7271f5ae350335e3960b1bca69c4f9c051b500d04c00296c4c29efe6a3
Size

344KB
Sample

250307-zea5tawtfz
MD5

b9930e892fbdb384884e53fac979c2dd
SHA1

da3729b869c52d3907067d80fb586c4c8f70d834
SHA256

8179de7271f5ae350335e3960b1bca69c4f9c051b500d04c00296c4c29efe6a3
SHA512

e0d236074ee99ea02ab1191db693173331c31ab4b2833ff58f251f714322a0efbe9320f8982dfa4ccc21c05eb66b01889fb0899d204f5ba23128bdd66374fd93
SSDEEP

6144:30IW5NCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:JICpXImbzQD6OkPgl6bmIjKn

Score

10^/10

berbew backdoor discovery

Malware Config

Extracted

Family

berbew

C2

http://tat-neftbank.ru/kkq.php

http://tat-neftbank.ru/wcmd.htm

Targets

- Target
  
  8179de7271f5ae350335e3960b1bca69c4f9c051b500d04c00296c4c29efe6a3
- Size
  
  344KB
- MD5
  
  b9930e892fbdb384884e53fac979c2dd
- SHA1
  
  da3729b869c52d3907067d80fb586c4c8f70d834
- SHA256
  
  8179de7271f5ae350335e3960b1bca69c4f9c051b500d04c00296c4c29efe6a3
- SHA512
  
  e0d236074ee99ea02ab1191db693173331c31ab4b2833ff58f251f714322a0efbe9320f8982dfa4ccc21c05eb66b01889fb0899d204f5ba23128bdd66374fd93
- SSDEEP
  
  6144:30IW5NCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:JICpXImbzQD6OkPgl6bmIjKn
Score

10^/10

berbew backdoor discovery
- Berbew
  Berbew is a backdoor written in C++.
  backdoor berbew
- Berbew family
  berbew
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

berbewbackdoordiscovery

behavioral2

berbewbackdoordiscovery