General
-
Target
0b8a7b71512d4671d5c0390a5b13c8bc93dbde9ad3651845885d9dac5c7b278aN.exe
-
Size
669KB
-
Sample
241111-pwwgzazcpb
-
MD5
03a19575a05aff9b7e65663a25636253
-
SHA1
6019aa67f2d16b00097cc65e7ef1c98bfa11b860
-
SHA256
bc3cb5985b7cd4486ad5446b7a61965c1677487d8608ca5d27df5530afb0c97d
-
SHA512
6abab367bb5088b5c3d3be28e2e60bc26b8b78eb9e4a2e1238df56b21b568c186f0c3c9dd8520a428dad5346f07f3d30dfdd3cbdee1751a058ec24b01e03dbca
-
SSDEEP
12288:i/VwN3eVKhMpQnqr+cI3a72LXrY6x46UbR/qYglM0:yV0OchMpQnqrdX72LbY6x46uR/qYglM0
Static task
static1
Behavioral task
behavioral1
Sample
0b8a7b71512d4671d5c0390a5b13c8bc93dbde9ad3651845885d9dac5c7b278aN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0b8a7b71512d4671d5c0390a5b13c8bc93dbde9ad3651845885d9dac5c7b278aN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
Target
0b8a7b71512d4671d5c0390a5b13c8bc93dbde9ad3651845885d9dac5c7b278aN.exe
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-