General
-
Target
7672b2a382cf4a8639bb54b150f3e7719a6f650e5b0752ab8f98e7ef4ba403dbN
-
Size
121KB
-
Sample
241109-ntvbfssqc1
-
MD5
b5be42e954cb12bb4ba737a73e42f960
-
SHA1
08e1092df2b9daf439533cf27c4e81133e1a583d
-
SHA256
7672b2a382cf4a8639bb54b150f3e7719a6f650e5b0752ab8f98e7ef4ba403db
-
SHA512
ec3179364fe5b9d3bbc336fe10a28769e585c1469c5db40b364d15a37a534125ae39c7bf46325db63e16a26a4067a7145309068744d6b05e8f7cbe0a9ba27ea0
-
SSDEEP
1536:sh13agEpGXwgcJz9iZlamu/Q91d8HE6PCV19zQYOd5ijJnD5ir3oGuiWDD:sD9gR5M5rKfmO7AJnD5tvv
Behavioral task
behavioral1
Sample
7672b2a382cf4a8639bb54b150f3e7719a6f650e5b0752ab8f98e7ef4ba403dbN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7672b2a382cf4a8639bb54b150f3e7719a6f650e5b0752ab8f98e7ef4ba403dbN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
7672b2a382cf4a8639bb54b150f3e7719a6f650e5b0752ab8f98e7ef4ba403dbN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-