General
Target
8f4be9c6cec5f83b76fad1a2e432e0cc678d2a5965b7c875243b26b3fe0e9180N
Size
1.3MB
Sample
241112-p1afasshnf
MD5
bcfd8d6829dfb592bb77916c86b4e5b0
SHA1
9fe955daf388a29813845adfc8649ab4d5fbde06
SHA256
8f4be9c6cec5f83b76fad1a2e432e0cc678d2a5965b7c875243b26b3fe0e9180
SHA512
9ac17d864233526f79edaf1d7cbb75df205aa2520438557dbceffef78e458083cd2e0b8b9d717f3c6a69cbb9bc4c55e3c985333a9dbd25259b38ac63be53b5d9
SSDEEP
6144:/K1rHq+iE5ZC2npb+oB+Zz2HG8t0DoEWufVuvw0HBHY8rQ+6bPD3wPSk8ymL2MTb:/KhqLAbaz22cWfVaw0HBHY8r8ABjMn
Static task
static1
Behavioral task
behavioral1
Sample
8f4be9c6cec5f83b76fad1a2e432e0cc678d2a5965b7c875243b26b3fe0e9180N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8f4be9c6cec5f83b76fad1a2e432e0cc678d2a5965b7c875243b26b3fe0e9180N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory