General
-
Target
49ab5335e0345cfff68a95e007e89fb296eb1c95f7d82dd625996c38037c11a0N
-
Size
90KB
-
Sample
241110-syxdtszdmh
-
MD5
8187a18d84fdd13c9c188a7d42f7c1a0
-
SHA1
c8b210ce6317e110d3d7e0dbddb6e3ff7202deaa
-
SHA256
49ab5335e0345cfff68a95e007e89fb296eb1c95f7d82dd625996c38037c11a0
-
SHA512
306c81034118c0a29d66742be44923ca187e8245e2a59373efa2d6d08c448ee2706333c2fcf5b2a353a5d72e58be7eb081b4609e2d743720babf39ada142a33b
-
SSDEEP
1536:HA6WkjBHB81djOvphtIYepX4Uc0gN842Z2JRLADKrUKGmu/Ub0VkVNK:pWvXOvphdFumRZbGmu/Ub0+NK
Static task
static1
Behavioral task
behavioral1
Sample
49ab5335e0345cfff68a95e007e89fb296eb1c95f7d82dd625996c38037c11a0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
49ab5335e0345cfff68a95e007e89fb296eb1c95f7d82dd625996c38037c11a0N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
49ab5335e0345cfff68a95e007e89fb296eb1c95f7d82dd625996c38037c11a0N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-