General

  • Target

    ad8c5fd4b2935170af16dff4c08fb2483ed7901b14bb03bbc34153a6b5bdd69dN

  • Size

    192KB

  • MD5

    f6e4d9468859e1de520484459a7c5720

  • SHA1

    59276e19ae363749f1e8378082727db7f5f56418

  • SHA256

    ad8c5fd4b2935170af16dff4c08fb2483ed7901b14bb03bbc34153a6b5bdd69d

  • SHA512

    acfa57a4aa2d05b4df6e44a38741e243b3e74df9ba070ecbb0b62573a8dbf0a0a7c3153547b22a20d77c50ce2355a2279413af723943fb067b25758be79bcdb2

  • SSDEEP

    3072:+i5cIkw9S56Vv7XIKp3FQo7fnEBctcp/+wreVism:+QcIOIjBp3FF7fPtcsw6U1

Score
10/10

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Signatures

  • Berbew family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ad8c5fd4b2935170af16dff4c08fb2483ed7901b14bb03bbc34153a6b5bdd69dN
    .exe windows:1 windows x86 arch:x86

    26babd76bbb7f9c516a338b0601b4c9f

