General
Target: ad03dd75477ee0b95e5f0e6a0a4176c9e6722e52b274b9bfe5a23f49b04e00feN
Size: 117KB
Sample: 241110-csnxhaxerg
MD5: f208a0b99e1015c2e94b5d5ddd19fe00
SHA1: 8c95ec48d29c4d2e5afc26437bc0b411432578b6
SHA256: ad03dd75477ee0b95e5f0e6a0a4176c9e6722e52b274b9bfe5a23f49b04e00fe
SHA512: fd66c912587fa06b931ec14c028fc67112d76b5e6b80de105ee2583a51b65047898fb24f7039e25536aa17c2fe62478c27c861bfd6e71395282421b3a6172d58
SSDEEP: 3072:QCMoaXLKM2mmcYjM9gHE1dA8xCWT8FFfUrQlM:Q7zwTfMQ
Static task: static1
Behavioral task: behavioral1
Sample: ad03dd75477ee0b95e5f0e6a0a4176c9e6722e52b274b9bfe5a23f49b04e00feN.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ad03dd75477ee0b95e5f0e6a0a4176c9e6722e52b274b9bfe5a23f49b04e00feN.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: ad03dd75477ee0b95e5f0e6a0a4176c9e6722e52b274b9bfe5a23f49b04e00feN
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory