General
-
Target
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919adN
-
Size
160KB
-
Sample
241110-ntfhaswerh
-
MD5
da07452510a5acd60436b7c273ec8600
-
SHA1
4bf5eea11f884e0fd466bf542cc64b4ca8b2f6e3
-
SHA256
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919ad
-
SHA512
f378c90068d4c8862ed09fe8afcc6858964393961ecaf6f11e43f211cd6c3d2d10494f12105373b243de48531b4126bbb6e0565079265958d1dd47907854a6c1
-
SSDEEP
3072:cqir1TUOWw/B5kpTYGDUdlGzpefw0v0wnJcefSXQHPTTAkvB5DdcgFM9MEl7lFH6:5ir1IOWwgp/4dwz8htnJfKXqPTX7D7Fh
Behavioral task
behavioral1
Sample
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919adN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919adN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919adN
-
Size
160KB
-
MD5
da07452510a5acd60436b7c273ec8600
-
SHA1
4bf5eea11f884e0fd466bf542cc64b4ca8b2f6e3
-
SHA256
1374f7650d2534033d44c8e3dfac54232c95a9129e3c8d8415efd5a97b8919ad
-
SHA512
f378c90068d4c8862ed09fe8afcc6858964393961ecaf6f11e43f211cd6c3d2d10494f12105373b243de48531b4126bbb6e0565079265958d1dd47907854a6c1
-
SSDEEP
3072:cqir1TUOWw/B5kpTYGDUdlGzpefw0v0wnJcefSXQHPTTAkvB5DdcgFM9MEl7lFH6:5ir1IOWwgp/4dwz8htnJfKXqPTX7D7Fh
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-