berbew | a06765574ab0b127f42d2dd3cb6a90f134326a3c650f53370e1b1e634b384213 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a06765574ab0b127f42d2dd3cb6a90f134326a3c650f53370e1b1e634b384213
Size

128KB
MD5

08970060baac7c1ee5b6176175ac8f16
SHA1

50038ac1b164836b58218902287b5739b3e2d046
SHA256

a06765574ab0b127f42d2dd3cb6a90f134326a3c650f53370e1b1e634b384213
SHA512

c71792ad1cc6347f7b2a8fdfb1916719ef6fa209e3af8309188e7a6fe0ef512ba2fa6796329bdbc8648bb1ab1e1f0c2a968bd294f062c7f94c3a73c4f8f1c20c
SSDEEP

3072:pPFLoQwQoyewsMBgL4+Xle3lj9pui6yYPaI7DehizrVtN:pdEQwQVOL2npui6yYPaIGc

Score

10^/10

berbew

Malware Config

Extracted

Family

berbew

C2

http://viruslist.com/wcmd.txt

http://viruslist.com/ppslog.php

http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Signatures

Berbew family
berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a06765574ab0b127f42d2dd3cb6a90f134326a3c650f53370e1b1e634b384213

Files

a06765574ab0b127f42d2dd3cb6a90f134326a3c650f53370e1b1e634b384213
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajelhf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ