General
Target: cff2ddb9991a608e31a8a1780b86df5c103e77c3a3a05b6864c5c157e0fa9879
Size: 384KB
Sample: 241107-fc53mawekn
MD5: fa4ad1b395d70e420eaf3874ce400e63
SHA1: 4106878d03812dff9af6a8dfab9e720c60e359a8
SHA256: cff2ddb9991a608e31a8a1780b86df5c103e77c3a3a05b6864c5c157e0fa9879
SHA512: a0b870c7bca2e44ba75d26176cc762d37d038d13b4141be827382aabba671e1a22b1d0c78ed2ad0714337fce1225bf680c664e00420b227e8dcb2d14491fdce7
SSDEEP: 6144:PbcLv4cpmfPHNVR2AGyZ6YugQdjGG1wsKm6eBgdQbkoKTBEAz/6DG1ETdqvZNem+:PbmvKFVRXGyXu1jGG1wsGeBgRTGAzciC
Static task: static1
Behavioral task: behavioral1
Sample: cff2ddb9991a608e31a8a1780b86df5c103e77c3a3a05b6864c5c157e0fa9879.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: cff2ddb9991a608e31a8a1780b86df5c103e77c3a3a05b6864c5c157e0fa9879.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: cff2ddb9991a608e31a8a1780b86df5c103e77c3a3a05b6864c5c157e0fa9879
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory