General
-
Target
bf7f57ad0dcf230b275c64c62b083da463ae77b714d5f8ab1c101f5a501b55c6
-
Size
187KB
-
Sample
241110-cpzjtswqdw
-
MD5
bb4db216a8123c56616f4743369aac07
-
SHA1
94cd3e84c9a3ff4190a9c2aca6cca449823c5944
-
SHA256
bf7f57ad0dcf230b275c64c62b083da463ae77b714d5f8ab1c101f5a501b55c6
-
SHA512
51642c66726728399924a6db83f7eb72b5fb19373a592d3d3fd1264f00ac6672cfa89225b84a9a0a84d81cba3792eebdb18c940b3cb51dbcbe1f526b448e476c
-
SSDEEP
3072:Q+rpNrulRsW3xkjjjjjjjjjjjjjjOjjjjjjN/jjjjjjp2DhFVgtRQ2c+tlB5xpW9:QEYlPq9FV+tbFOLM77OLLt
Behavioral task
behavioral1
Sample
bf7f57ad0dcf230b275c64c62b083da463ae77b714d5f8ab1c101f5a501b55c6.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
bf7f57ad0dcf230b275c64c62b083da463ae77b714d5f8ab1c101f5a501b55c6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-