General
Target: 5ef6258f1587e1730d40c56a3a9a0e6566f201be0f7f38694e3ca2c5c1e322e9N
Size: 109KB
Sample: 241112-n4c5xsscll
MD5: de1ceb05e74b461d9781a25e05a562e0
SHA1: 647f4f422a074dd170cccb1c1e6d4c51290155cd
SHA256: 5ef6258f1587e1730d40c56a3a9a0e6566f201be0f7f38694e3ca2c5c1e322e9
SHA512: 3bd74f8a0ca76261a62f892a2b3a206f94970da4bd5ab33947f7b823cad336452dddbc9496d77c34f5b40a0dc7a104b0549a74ad23df8427264e03a9c449ab83
SSDEEP: 3072:3YNanKRU2aYp6kBbJZMdE0dJ9XLCqwzBu1DjHLMVDqqkSpR:3znmNfp6AJZcE0dJ9rwtu1DjrFqhz
Static task: static1
Behavioral task: behavioral1
Sample: 5ef6258f1587e1730d40c56a3a9a0e6566f201be0f7f38694e3ca2c5c1e322e9N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 5ef6258f1587e1730d40c56a3a9a0e6566f201be0f7f38694e3ca2c5c1e322e9N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: 5ef6258f1587e1730d40c56a3a9a0e6566f201be0f7f38694e3ca2c5c1e322e9N
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory