berbew | c55e156cdfdf5522723fee7165d07a5d90faec1070fe9a6bf628e0d298a0e251N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c55e156cdfdf5522723fee7165d07a5d90faec1070fe9a6bf628e0d298a0e251N
Size

128KB
MD5

f8a66559641c5b479efd393f7d7f0680
SHA1

1cf609db9e0e49a864bff228853e832aa1feb6ad
SHA256

c55e156cdfdf5522723fee7165d07a5d90faec1070fe9a6bf628e0d298a0e251
SHA512

61f4965dd33c9cf661d9de8219243fa97cd28c576c1fb60afd5bfa4d36747faa2422a91421438feba845df011a443f69beeda7a8a175ba13085196a6613c5517
SSDEEP

1536:nJVXWhFjXC5TkTxJRY34TtZyX0DA/f5xfocbj+xQKQofAFjMQ0CzrIxaYns++dyn:rXyMkTxEuY0s/vjj+2KQO+zrIxFnB+dM

Score

10^/10

berbew

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Signatures

Berbew family
berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c55e156cdfdf5522723fee7165d07a5d90faec1070fe9a6bf628e0d298a0e251N

Files

c55e156cdfdf5522723fee7165d07a5d90faec1070fe9a6bf628e0d298a0e251N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ