General
-
Target
6bd6ff8a4d9ca8a28e68b367f8dd2c55bf469dc144a9129989a1eaf32c3e52afN
-
Size
411KB
-
Sample
241110-mld4tsvdpn
-
MD5
8b4d067624f175adf8a369733c36b770
-
SHA1
a33acd02876a5e9c8fc5d66340a7b2a502f78e07
-
SHA256
6bd6ff8a4d9ca8a28e68b367f8dd2c55bf469dc144a9129989a1eaf32c3e52af
-
SHA512
7c09a2fdfa596079875f1f5320eb5d260ffe099c80d3f5ea94c492c8e50c204f2ad51d26a161fc12d3c916667b303c3df0dea10a51207007e2610f557c83a20b
-
SSDEEP
12288:qPpV6yYPI3cpV6yYPZ0PVdvcY9+8hk5PDtJNBcL/D:kWHWZ0PVdvcY9+8hk5DtJNBcL/D
Static task
static1
Behavioral task
behavioral1
Sample
6bd6ff8a4d9ca8a28e68b367f8dd2c55bf469dc144a9129989a1eaf32c3e52afN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6bd6ff8a4d9ca8a28e68b367f8dd2c55bf469dc144a9129989a1eaf32c3e52afN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
6bd6ff8a4d9ca8a28e68b367f8dd2c55bf469dc144a9129989a1eaf32c3e52afN
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-