General
-
Target
0f98b75e8f7224073c3cea10a4919b04cfbd351f4edb07ffaa1c088a70336a9fN
-
Size
664KB
-
Sample
241110-d3anasydrq
-
MD5
f8efab00e1dac40c61699be79a747550
-
SHA1
be69e0167060658ed9122e9ba550269f9c5b9f18
-
SHA256
0f98b75e8f7224073c3cea10a4919b04cfbd351f4edb07ffaa1c088a70336a9f
-
SHA512
3193ffdc84f6dd210815cd644c6a46702fb9667d57c0363d9b92b68e8c24aa2199b6abc8158ed60bd302dba9e11a4b7c5c2be78fb42405ebb1c1050c8c33b419
-
SSDEEP
12288:wMWpV6yYP4rbpV6yYPg058KpV6yYPNUir2MhNl6zX3w9As/xO23WM6tJmDYjmR54:OW4XWleKWNUir2MhNl6zX3w9As/xO23U
Static task
static1
Behavioral task
behavioral1
Sample
0f98b75e8f7224073c3cea10a4919b04cfbd351f4edb07ffaa1c088a70336a9fN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0f98b75e8f7224073c3cea10a4919b04cfbd351f4edb07ffaa1c088a70336a9fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
0f98b75e8f7224073c3cea10a4919b04cfbd351f4edb07ffaa1c088a70336a9fN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-