General
-
Target
c6a004546580b500d065fcff9afd8674265108c74a5c81eaabe13613231e70d7N.exe
-
Size
144KB
-
Sample
241111-pc573aygnr
-
MD5
51e4d046c37b061b6310d7fd63d1e4e6
-
SHA1
88fbffdc035b4b12930df1754ef2e673e24154ea
-
SHA256
072810f24a7054c97bd24598ef40f5c75c0ee56f37ab6ef1d5b6bd3a38026d38
-
SHA512
f10e3233ab5b4df5e4b0f5bab84ff91731728aebb2df6e54e62acbfb277c3a5d11fc91629ae082e5a3724b46d63454843900908583ef53d71aed3f1e62ec1929
-
SSDEEP
3072:/Hbx3K5KHdYc9RIOPzStzGYJpD9r8XxrYnQg4sIi:/7xz9YoLS1GyZ6Yui
Static task
static1
Behavioral task
behavioral1
Sample
c6a004546580b500d065fcff9afd8674265108c74a5c81eaabe13613231e70d7N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c6a004546580b500d065fcff9afd8674265108c74a5c81eaabe13613231e70d7N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
c6a004546580b500d065fcff9afd8674265108c74a5c81eaabe13613231e70d7N.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-