General
Target
d11292e4fa8a17509f553e08c9fe7c24fc72e45922731d4667ab80e6e404f459N.exe
Size
1000KB
Sample
241112-n6z3gasdmd
MD5
f2db6a19054b9516f096800b09fa655b
SHA1
ef7f5a12a584cecc9f74d916216b00d086fc22de
SHA256
4c505e51370b6b5ae33cb13740374a7ca1b5324d9079e2ff82a240c23ce080c1
SHA512
3882bace793dcb2f18c325215c5e7bf109c46a827ad38261c3f0491ca3ba307cda1d8f64d4126323690124163cf0f641ec03d203749bdc1a2b73d38877065952
SSDEEP
24576:dtHBFLPj3btStuv40arYciakobDlsa2VIGqPWYvyAN58WJm8MoC9Dq9oN:dtHBFLPj3JStuv40ar7iarbDlsa2VIlw
Static task
static1
Behavioral task
behavioral1
Sample
d11292e4fa8a17509f553e08c9fe7c24fc72e45922731d4667ab80e6e404f459N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d11292e4fa8a17509f553e08c9fe7c24fc72e45922731d4667ab80e6e404f459N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
d11292e4fa8a17509f553e08c9fe7c24fc72e45922731d4667ab80e6e404f459N.exe
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory