General
-
Target
4a7b7a86d83e13e47065ea1812358f9d58d44ea53242f06b3c9c43da4c23d4ccN
-
Size
448KB
-
Sample
241110-xaax5ssjcs
-
MD5
ea34192cf52f5371c3818578d137d080
-
SHA1
e4332a0a4c14d412af6948e15b1c959f6cf76257
-
SHA256
4a7b7a86d83e13e47065ea1812358f9d58d44ea53242f06b3c9c43da4c23d4cc
-
SHA512
3b79c7cba5f43780c1e6168ecdd515f8b62e9db60d52877b4b8bce311575044a6672571dc945fc3d9b5d1e20d5a5f8a56a567ab64a2a3f44238105ba6f412ed9
-
SSDEEP
6144:ZvsBYKOnR1IVDC1CAkOCOu0EajNVBZr6y2WX:ZvsWnR1O7
Static task
static1
Behavioral task
behavioral1
Sample
4a7b7a86d83e13e47065ea1812358f9d58d44ea53242f06b3c9c43da4c23d4ccN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
4a7b7a86d83e13e47065ea1812358f9d58d44ea53242f06b3c9c43da4c23d4ccN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-