Behavioral task
behavioral1
Sample
15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fbN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fbN.exe
Resource
win10v2004-20240910-en
General
-
Target
15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fbN
-
Size
208KB
-
MD5
dd370823942f13412a3334bf225b1840
-
SHA1
6af426539b2b0bedee25d88ace5b2a50022b3d89
-
SHA256
15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fb
-
SHA512
fd3f65902481dc1dcdb9648a6f616536cfbf401c9a202a2ea05afc55fca7c17f16c46fbfb0d61b1b3da18cf06924bc01388581c2b79b6c1071ddaccc6c797ead
-
SSDEEP
3072:TFBsNbXv5HBh21XDiaw57rjrN/6+oXO56hKpi9poF5aY6+oocpGHHQnNJuIb:ofpBA6xrjrNy+Eu6QnFw5+0pU8b
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Signatures
-
Berbew family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fbN
Files
-
15e9fb4558b3010bcccafe2819df8ed048570ab949367b93f1c0f04efb0161fbN.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 122KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flh Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ