General

  • Target: 9db819cf032997641da0703514e03d45e5bcd8112e662605767c53acaa274a54
  • Size: 96KB
  • Sample: 250311-dntgvsymz6
  • MD5: 3ae66df703359c196d96a932476a34de
  • SHA1: 8dd39be5af4f30a7fce7c33844084accda864f07
  • SHA256: 9db819cf032997641da0703514e03d45e5bcd8112e662605767c53acaa274a54
  • SHA512: 36311e9336edea531c379c16a2b33c9d6ee86bea9ef5e26859fc867df318d3b06e126fd4b69587184d8f3570b0858ba9a037ed0d80d9248d7c9f40daa30e83ad
  • SSDEEP: 1536:/8dltpEPav48Bc7N2v32LCY7RZObZUUWaegPYAm:EFtcocFClUUWaeN

Malware Config

Extracted

Family: berbew

C2


Targets


    • Adds autorun key to be loaded by Explorer.exe on startup
    • Berbew: Berbew is a backdoor written in C++.
    • Berbew family
    • Brute Ratel C4: A customized command and control framework for red teaming and adversary simulation.
    • Bruteratel family
    • Detect BruteRatel badger
    • Executes dropped EXE
    • Loads dropped DLL
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
