General
-
Target
d35da718548247a65bb232e1975023dbb8138726e3f1c3fe878b4e17d4b746e4N
-
Size
367KB
-
Sample
241107-dta8gavald
-
MD5
d8312d946cfc3489da4b54054af30960
-
SHA1
347e5528b74ca6cd97ee381f87b529c8a03be418
-
SHA256
d35da718548247a65bb232e1975023dbb8138726e3f1c3fe878b4e17d4b746e4
-
SHA512
317a1954178b783f166737a870815c3fe274fb47daf1ab103bae9de2499923eaa26b9b4beb012b05d6f145a147c9537241d0f6431bed6bd50718264c20e9fb08
-
SSDEEP
6144:Zt/QESrdKQYtnJfKXqPTX7D7FM6234lKm3mo8Yvi4KsLTFM6234lKm3cM9:ZdvSrdKxtJCXqP77D7FB24lwR45FB24h
Static task
static1
Behavioral task
behavioral1
Sample
d35da718548247a65bb232e1975023dbb8138726e3f1c3fe878b4e17d4b746e4N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
d35da718548247a65bb232e1975023dbb8138726e3f1c3fe878b4e17d4b746e4N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
d35da718548247a65bb232e1975023dbb8138726e3f1c3fe878b4e17d4b746e4N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-