General
-
Target
6fed2c85d4f607038bbad92748373ce7d72a53dd71ed3ee06ba986ef78391afaN
-
Size
71KB
-
Sample
241110-nzc95ayrdn
-
MD5
c6e1f4a33f40383dc3d07883aedd6020
-
SHA1
494a51376e9a50e9347479f100d23eeb57d815e9
-
SHA256
6fed2c85d4f607038bbad92748373ce7d72a53dd71ed3ee06ba986ef78391afa
-
SHA512
bb9babde8201296d8db2445d720b9eda501b3cd85c78e7a557b89b42771c7b74f5e4073498121da928cfde15daf1582463ac33544938f046a3342496605062f2
-
SSDEEP
1536:te/zW6v+rimUdTEzwQgfL0FU1MPLIPoNLoz+pRQRpK1P+ATT:tTz2bL0FU1oIPoNLneWP+A3
Static task
static1
Behavioral task
behavioral1
Sample
6fed2c85d4f607038bbad92748373ce7d72a53dd71ed3ee06ba986ef78391afaN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6fed2c85d4f607038bbad92748373ce7d72a53dd71ed3ee06ba986ef78391afaN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
6fed2c85d4f607038bbad92748373ce7d72a53dd71ed3ee06ba986ef78391afaN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-