General
-
Target
00a5f405098ea2593a15389115583f4150ca7f9f5876acdb9f9746de4007f111N
-
Size
128KB
-
Sample
241109-km338szrbt
-
MD5
8512d61dbe9ff70fd6d9956a090938e0
-
SHA1
74ad6fda72b587034aad248659f7b44085f6fecf
-
SHA256
00a5f405098ea2593a15389115583f4150ca7f9f5876acdb9f9746de4007f111
-
SHA512
596ccc8f0c3ac2582e5743817414c1a091d4d9193ee93c9816308e5d4ba215a74eff17b11b50dbc8910710d9977c1bfe611f7b0698519a364d71b9e4a546fb08
-
SSDEEP
1536:Q2bokWIYV3/qK4vbzOt/tI7Z0fmJccrjf8t4p/IqhXM0ZcWiqgF72S7f/QuMXi1/:AtZAXFrjUtg/IQXdmW2wS7IrHrYj
Static task
static1
Behavioral task
behavioral1
Sample
00a5f405098ea2593a15389115583f4150ca7f9f5876acdb9f9746de4007f111N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
00a5f405098ea2593a15389115583f4150ca7f9f5876acdb9f9746de4007f111N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Target
00a5f405098ea2593a15389115583f4150ca7f9f5876acdb9f9746de4007f111N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-