General
-
Target
2981214513b6a605acca454ecaa67a0b8a734e5f8a6420cf9187646e8c876805N
-
Size
285KB
-
Sample
241107-ezsv5sxqdm
-
MD5
dde1854f880dabc3f4e620c4870a0b90
-
SHA1
1fd91b637d6a9d074a5f1e7e85bd0f1f608460ec
-
SHA256
2981214513b6a605acca454ecaa67a0b8a734e5f8a6420cf9187646e8c876805
-
SHA512
e6cb7036244fd47170236b53043f08190e268d40121553af50962a4301243064c11dfdc646a2f6d952a11c62b4ae5b9f8a3c3c2e5e9d87060ba4aaa02ad4be3d
-
SSDEEP
3072:nVjTrvOkiWPx+ghRPUFUeOKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:VjTyk+g3PUFvOKQIoi7tWa
Static task
static1
Behavioral task
behavioral1
Sample
2981214513b6a605acca454ecaa67a0b8a734e5f8a6420cf9187646e8c876805N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2981214513b6a605acca454ecaa67a0b8a734e5f8a6420cf9187646e8c876805N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Target
2981214513b6a605acca454ecaa67a0b8a734e5f8a6420cf9187646e8c876805N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-