General
-
Target
03514c0c7d8395b1b7a1c67c0e7e5896e505f7f87709aef03e6ac0f63ce6760fN
-
Size
285KB
-
Sample
241110-w1rg5s1qf1
-
MD5
6e733ebe4124fc57eb3f49170e548ff0
-
SHA1
b3ac53857af30668b78ce01dd29b376c162bd52b
-
SHA256
03514c0c7d8395b1b7a1c67c0e7e5896e505f7f87709aef03e6ac0f63ce6760f
-
SHA512
7e916dfd100fe8b011431ce40cd9d2b9dff0765b6750909e146c36faf12bf5dee5892e51f0b30d2d28325dd6bac4d080defb09b3a58fe73dd2a2ab312b4f9e2d
-
SSDEEP
3072:15BkHsRbHXLfRlU+feyKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:HyYHXLg+2yKQIoi7tWa
Static task
static1
Behavioral task
behavioral1
Sample
03514c0c7d8395b1b7a1c67c0e7e5896e505f7f87709aef03e6ac0f63ce6760fN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
03514c0c7d8395b1b7a1c67c0e7e5896e505f7f87709aef03e6ac0f63ce6760fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
03514c0c7d8395b1b7a1c67c0e7e5896e505f7f87709aef03e6ac0f63ce6760fN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-