General

  • Target

    491071981f400c133c6fea7ee207602ae68e3a5bcf0ffcdb38109d7cf89e9937N

  • Size

    111KB

  • MD5

    ba7f7a132d906c079509efcd694c8d00

  • SHA1

    d27d38e939d3178837ed920d6b0b1cf3512c03a3

  • SHA256

    491071981f400c133c6fea7ee207602ae68e3a5bcf0ffcdb38109d7cf89e9937

  • SHA512

    a0fd085ab417e7f54afc588b39b7d36631960d1df0ec9f13bbfe0323d87a4712745a4610a030a9814bf6507bfd69f2e28a0b6cb366a900b63f5d8db0ca8bc8a8

  • SSDEEP

    3072:f/ylv58rwtT3rXaD1p5F2pehE9pui6yYPaI7Dehib:fqlvHpba1nL8pui6yYPaIGcb

Score
10/10

Malware Config

Extracted

Family

berbew

C2

http://viruslist.com/wcmd.txt

http://viruslist.com/ppslog.php

http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Signatures

  • Berbew family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 491071981f400c133c6fea7ee207602ae68e3a5bcf0ffcdb38109d7cf89e9937N
    .exe windows:1 windows x86 arch:x86
