General
-
Target
bb30da9b4f1655b88a27ad97bfa57879b2c43ca6332f98d4bf35ead2288a5104N
-
Size
364KB
-
Sample
241109-r41srswflc
-
MD5
a1f625b77a5aa704317f469e11480f50
-
SHA1
862f01c8ae3e04bc10919aec175d332638fa7dbc
-
SHA256
bb30da9b4f1655b88a27ad97bfa57879b2c43ca6332f98d4bf35ead2288a5104
-
SHA512
159c1817a159a323738d9f58b0b84bf3940c56be3695f50b4a075ecc9a7516530bcadd0c52c76e93a33132b1721eed1cf637307136fb98142fa4ee5c70f648d5
-
SSDEEP
6144:DqHRAOqxOBiJ6hV+tbFOLM77OLnFe3HCqxNRmJ4PavntPRRI:DqHRAuYJJtsNePmjvtPRRI
Static task
static1
Behavioral task
behavioral1
Sample
bb30da9b4f1655b88a27ad97bfa57879b2c43ca6332f98d4bf35ead2288a5104N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bb30da9b4f1655b88a27ad97bfa57879b2c43ca6332f98d4bf35ead2288a5104N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
bb30da9b4f1655b88a27ad97bfa57879b2c43ca6332f98d4bf35ead2288a5104N
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-