General
-
Target
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401bN
-
Size
104KB
-
Sample
241107-fanessxrgm
-
MD5
b485a267716beb0b79680100b6dd39e0
-
SHA1
f3f9518c52cbe8d6117c1537b5fbdd38c27d5316
-
SHA256
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401b
-
SHA512
d101647c65e8495d898d4a773c7073b12d7d422f744a58fe19cc137947f83cb7fbe2a8407bcf6bb439622cc4b37366593cfe2bf1231a0b75fefcc096a0af6f0b
-
SSDEEP
3072:H6Sy8SC4Zq62dPemGum3j44e5Tx7cEGrhkngpDvchkqbAIQ:H6SPMIRdPeqm3j4z5Tx4brq2Ah
Behavioral task
behavioral1
Sample
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401bN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401bN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401bN
-
Size
104KB
-
MD5
b485a267716beb0b79680100b6dd39e0
-
SHA1
f3f9518c52cbe8d6117c1537b5fbdd38c27d5316
-
SHA256
a9158bc3be8cb2cc61cf10fa1f4a5dbb5b52456e2e5aa2f04cde89fccc8c401b
-
SHA512
d101647c65e8495d898d4a773c7073b12d7d422f744a58fe19cc137947f83cb7fbe2a8407bcf6bb439622cc4b37366593cfe2bf1231a0b75fefcc096a0af6f0b
-
SSDEEP
3072:H6Sy8SC4Zq62dPemGum3j44e5Tx7cEGrhkngpDvchkqbAIQ:H6SPMIRdPeqm3j4z5Tx4brq2Ah
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-