berbew | 4bce7aac9a1f8bf52fc09a08091de735970136f386001322fcccfe5789397910N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bce7aac9a1f8bf52fc09a08091de735970136f386001322fcccfe5789397910N
Size

128KB
MD5

faabfefd17ee7329a66fee09b347da20
SHA1

ccfb01cb82621abc51778a9a31dd5aa250efefa9
SHA256

4bce7aac9a1f8bf52fc09a08091de735970136f386001322fcccfe5789397910
SHA512

629b9ee97896e4ed5beb281227ce9915c38b96649be762f57de3e44442595c161a67d3f3063c8921876a80cb206e389deda81b949144de4f7a6a92586d0b011a
SSDEEP

3072:Wvm5n3uYDQzzpaQOUe1lj9pui6yYPaI7DehizrVtN:2gn4halvdpui6yYPaIGc

Score

10^/10

berbew

Malware Config

Extracted

Family

berbew

C2

http://viruslist.com/wcmd.txt

http://viruslist.com/ppslog.php

http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Signatures

Berbew family
berbew

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bce7aac9a1f8bf52fc09a08091de735970136f386001322fcccfe5789397910N

Files

4bce7aac9a1f8bf52fc09a08091de735970136f386001322fcccfe5789397910N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajelhf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ