General
-
Target
c970629c847f62362acea1c61fa3f3dd234190ec3c3a20e51516f4863af6ec12N
-
Size
669KB
-
Sample
241109-ppaxpaxlcq
-
MD5
b0fa323aff281611856018d93b0a01f0
-
SHA1
53cf3768e41f1308da809d14298c7b7820825c85
-
SHA256
c970629c847f62362acea1c61fa3f3dd234190ec3c3a20e51516f4863af6ec12
-
SHA512
4fe40b67f0daa66a134fe0097a5d072a3ec3a8d7ee20ca46f83c438392fb8e25b6d3223b57a3cb4b001652b8198dc27be51569c02156fde88d84286e1f902c8a
-
SSDEEP
12288:e7/GfeVKhMpQnqr+cI3a72LXrY6x46UbR/qYglMi:e7/GGchMpQnqrdX72LbY6x46uR/qYglN
Static task
static1
Behavioral task
behavioral1
Sample
c970629c847f62362acea1c61fa3f3dd234190ec3c3a20e51516f4863af6ec12N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c970629c847f62362acea1c61fa3f3dd234190ec3c3a20e51516f4863af6ec12N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
c970629c847f62362acea1c61fa3f3dd234190ec3c3a20e51516f4863af6ec12N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-