General
-
Target
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1N
-
Size
1024KB
-
Sample
241110-d62aesyglh
-
MD5
b71d050c84607760819f192d61226e20
-
SHA1
72b3878973efff8f5d5918b08e851066164f6488
-
SHA256
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1
-
SHA512
38207a4c9d934c03261d29ed834d9815378a89ebae8071e218405acf27de8e3fbbf9b95b04e4a8e14fdf70c90e575099cf5e9fc544cb13b74fabe693e51e1877
-
SSDEEP
12288:wj9EWSkY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6IfKTLR+6CwUkEoH:wMgsaDZgQjGkwlks/6HnEO
Static task
static1
Behavioral task
behavioral1
Sample
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1N
-
Size
1024KB
-
MD5
b71d050c84607760819f192d61226e20
-
SHA1
72b3878973efff8f5d5918b08e851066164f6488
-
SHA256
0eca603c2f6af6696da1c4f8d040c83a3fb554fb13ea2347ca43d0f3c0fa6cf1
-
SHA512
38207a4c9d934c03261d29ed834d9815378a89ebae8071e218405acf27de8e3fbbf9b95b04e4a8e14fdf70c90e575099cf5e9fc544cb13b74fabe693e51e1877
-
SSDEEP
12288:wj9EWSkY660fIaDZkY660f8jTK/XhdAwlt01PBExKN4P6IfKTLR+6CwUkEoH:wMgsaDZgQjGkwlks/6HnEO
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-