General
Target
97be0b1cf52ef29c1eceb4c129b81a9fbb2f6db8b3863de92d2235d65eaa7835
Size
401KB
Sample
241110-a5la2awckb
MD5
cc0aaa82e40a81d4ca68aae1bab9871a
SHA1
8ffcedf92efeefe155eba2de8013f48d61126e05
SHA256
97be0b1cf52ef29c1eceb4c129b81a9fbb2f6db8b3863de92d2235d65eaa7835
SHA512
a0fd95f11b03cd77040144f2acd317edd37111c76ed5b8c67c2af4bd34336de85e4595dee137a9dca5548baf27fd63acc9a20064c9ae0dac8bc514ab03a2f971
SSDEEP
6144:/rBU9cyvndpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836PGyA7:FUemndpV6yYP4rbpV6yYPg058KrY
Static task
static1
Behavioral task
behavioral1
Sample
97be0b1cf52ef29c1eceb4c129b81a9fbb2f6db8b3863de92d2235d65eaa7835.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
97be0b1cf52ef29c1eceb4c129b81a9fbb2f6db8b3863de92d2235d65eaa7835.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory