General
Target: dd476bc043a76204ae0c6ba6378a88e7db931b7790ca23f0160573edc80e760eN
Size: 192KB
Sample: 241005-19tq3syhmb
MD5: c73794f286451119570a80448dafb4e0
SHA1: bace354d83f52b1fecfdaaaf162d004e9c9532fb
SHA256: dd476bc043a76204ae0c6ba6378a88e7db931b7790ca23f0160573edc80e760e
SHA512: 0730e79c40d9be7d524ba3b64496e0c49d84b7a445e5a25e0ab77407a95c6b4fbb381ef72c89e8eaf91df2329cae8c7322ef9a2a76f0dfe8314d0ff45941e90f
SSDEEP: 1536:WzRQ+tcJSZg76FpQmSjBEdBHnkwTznouy8O6Nuf51TQmQM22OwJwTa58nFwWy0wK:WNQkZ06Fq1BELHXLoutkTy27zU
Static task: static1
Behavioral task: behavioral1
Sample: dd476bc043a76204ae0c6ba6378a88e7db931b7790ca23f0160573edc80e760eN.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dd476bc043a76204ae0c6ba6378a88e7db931b7790ca23f0160573edc80e760eN.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
dd476bc043a76204ae0c6ba6378a88e7db931b7790ca23f0160573edc80e760eN
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory