General
Target: 345b8949f8aa37dcdde6b34af7232cc35c0c2428954d5ef30d0590406a40c149N.exe
Size: 290KB
Sample: 241111-pmspqaykfw
MD5: ed003a031bb0fee47a2801b84528a37e
SHA1: a85410ea635c494b1c4a6445c26457af7a406f52
SHA256: 1bfc9cd932046a76bf4466854ee6ab4eafb6615d46db942708662c48cd85431d
SHA512: 86999b2734aa25aaf0d2aa7cf9c5c577e7bf714dc980337816f2add73ac8d82f2c78cd525d34840a21e579d4edbb91c874bee3a7a47f1a3ed70b15499b64eceb
SSDEEP: 6144:npkgEA95hEUmKyIxLDXXoq9FJZCUmKyIxLa:rEADa32XXf9Do3h
Static task: static1
Behavioral task: behavioral1
Sample: 345b8949f8aa37dcdde6b34af7232cc35c0c2428954d5ef30d0590406a40c149N.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 345b8949f8aa37dcdde6b34af7232cc35c0c2428954d5ef30d0590406a40c149N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
345b8949f8aa37dcdde6b34af7232cc35c0c2428954d5ef30d0590406a40c149N.exe
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory