General
-
Target
af32cbe61ae9ec0f88ce59143e9c68541bf325979ad0f385551c187348205118
-
Size
256KB
-
Sample
241107-dqqhzsthra
-
MD5
d7ed3203c2d0fe77d6f7d50081f9ab61
-
SHA1
a6d0229dda31c8a4709043ce6c253f9b188a9a47
-
SHA256
af32cbe61ae9ec0f88ce59143e9c68541bf325979ad0f385551c187348205118
-
SHA512
0e103a80b696298dd988c7b834aaa8424a68181763fd09a364e9e2bb78e451055b486096e8b56b23750e100ea52d0ce6fd1045501ac9626ca2274b26fbf49f18
-
SSDEEP
6144:BVsljjLubsTLp103ETiZ0moGP/2dga1mcywM:4Z/pScXwuR1mKM
Behavioral task
behavioral1
Sample
af32cbe61ae9ec0f88ce59143e9c68541bf325979ad0f385551c187348205118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
af32cbe61ae9ec0f88ce59143e9c68541bf325979ad0f385551c187348205118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
af32cbe61ae9ec0f88ce59143e9c68541bf325979ad0f385551c187348205118
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-