General
-
Target
787d917ac7d60abbc8aab5c18be20e7f233484eb8789ea531bd13f351d69575dN
-
Size
481KB
-
Sample
241109-la65sssaqn
-
MD5
aa2f78a2da5e6af95722ce938b7bfc10
-
SHA1
800d13361e8dafe8ebcc0d127e6c5544efb10f2a
-
SHA256
787d917ac7d60abbc8aab5c18be20e7f233484eb8789ea531bd13f351d69575d
-
SHA512
d2b675ce60d4f8bd8e35d52738b7a9f27edd61b0fc95d6ead796c34aff76e7876fc3a66ce0dd6d83b386b0771f6bcbf0aaaa3be238f4ef350cd8f915f1e289e8
-
SSDEEP
6144:qC7Wt8thQC/HJl8FM6234lKm3mo8Yvi4KsLTFM6234lKm3+ry+dBQ:qCnJfJyFB24lwR45FB24l4++dBQ
Static task
static1
Behavioral task
behavioral1
Sample
787d917ac7d60abbc8aab5c18be20e7f233484eb8789ea531bd13f351d69575dN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
787d917ac7d60abbc8aab5c18be20e7f233484eb8789ea531bd13f351d69575dN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
787d917ac7d60abbc8aab5c18be20e7f233484eb8789ea531bd13f351d69575dN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-