General
-
Target
48a54095e11fdc4d698292d3ade93ec347ceff0e41b9f662fe91d8806c089865N
-
Size
556KB
-
Sample
241109-g911lszckr
-
MD5
b5f9fa5706661bdc0c06d454d40dc1e0
-
SHA1
b9e748ab3de544554771c1403631e45b7c99dcda
-
SHA256
48a54095e11fdc4d698292d3ade93ec347ceff0e41b9f662fe91d8806c089865
-
SHA512
93670986b85ac50cb89bba9bff0de76bc6f91d47ce48a681b79d559a8fd4144a138aa2df2079537babbe2c09512d6cc2f1b118431247108e8eea73c4ca59facc
-
SSDEEP
12288:r8jF97aOlxzr3cOK3TajRfXFMKNxr9Z7tEGVqT4Df:r8jL7aOlxzLyTajRfXFMKNxr9Z7tEGVJ
Static task
static1
Behavioral task
behavioral1
Sample
48a54095e11fdc4d698292d3ade93ec347ceff0e41b9f662fe91d8806c089865N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
48a54095e11fdc4d698292d3ade93ec347ceff0e41b9f662fe91d8806c089865N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
48a54095e11fdc4d698292d3ade93ec347ceff0e41b9f662fe91d8806c089865N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-