General
-
Target
0644810e4fb4419cec1af00347154516e23292f3b516a9914f0a717eff5d9157N
-
Size
128KB
-
Sample
241110-cekypaxclc
-
MD5
df07fb857617138413e61b72cb117bc0
-
SHA1
30146673ac5fe19e0a13ea27609e1843bdc6cdfa
-
SHA256
0644810e4fb4419cec1af00347154516e23292f3b516a9914f0a717eff5d9157
-
SHA512
70987f7e2ee86a4f88aaa3a3f7d8ea39d168a9994192892630dc877ed7afc16323d1d8adfeebe25b01dd8d23188406605bd3542f0ede612c20ee02390db0dcad
-
SSDEEP
1536:aBLRu1xsLLscQ/H5tOtr7x38I0RQDcRfRa9HprmRfRJCLIXG:69psH/YrF3p0eDc5wkpHxG
Static task
static1
Behavioral task
behavioral1
Sample
0644810e4fb4419cec1af00347154516e23292f3b516a9914f0a717eff5d9157N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0644810e4fb4419cec1af00347154516e23292f3b516a9914f0a717eff5d9157N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-