General
Target: ca49d881e20c2a1bbac7c28f71dda210b5cc9beee0fb4a59f8555a0fa49143cfN
Size: 464KB
Sample: 241107-j1w2eaxqc1
MD5: c93277a3698554580d95d61fdd1eb7d0
SHA1: 6d72f0c13368740be1211bb29527effdf5974c84
SHA256: ca49d881e20c2a1bbac7c28f71dda210b5cc9beee0fb4a59f8555a0fa49143cf
SHA512: 1cb4f166d373693863f5473bad10c07e950812452b588bb110f11f51cbadb85475cb5456b9b4b81eebe174dfb0a0c17d2a1ab3aa52b2be9a021e186520773080
SSDEEP: 12288:hqijENSz9ah2kkkkK4kXkkkkkkkkl888888888888888888nusG:hfLz9ah2kkkkK4kXkkkkkkkkK
Static task: static1
Behavioral task: behavioral1
Sample: ca49d881e20c2a1bbac7c28f71dda210b5cc9beee0fb4a59f8555a0fa49143cfN.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: ca49d881e20c2a1bbac7c28f71dda210b5cc9beee0fb4a59f8555a0fa49143cfN.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: ca49d881e20c2a1bbac7c28f71dda210b5cc9beee0fb4a59f8555a0fa49143cfN
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory