Behavioral task
behavioral1
Sample
4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4N.exe
Resource
win10v2004-20241007-en
General
-
Target
4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4N
-
Size
208KB
-
MD5
e5444b712f023b81e0b44d0098d1d3b0
-
SHA1
66136a2162767545a9a7204799a9d9fbe3b073b4
-
SHA256
4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4
-
SHA512
92582426b11b18ce8d31ad6530195e93dc817fbc6e6c6ed9f3bcee287df7614924d9c4a8c5d63b012335fda4dfec41a3d84b7b001437c364b98f9d4678f4ae32
-
SSDEEP
3072:G55srsB9iHwMzybJmvUYBdf8gE6+oXO56hKpi9poF5aY6+oocpGHHQnNJuIb:G5eQB9GzhdD8gd+Eu6QnFw5+0pU8b
Malware Config
Signatures
-
Berbew family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4N
Files
-
4b5109117154acc030af946804340adc7a8749427acf7c6b94a01b44549fd5a4N.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 122KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flh Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ