General
-
Target
3ecb1979f5156f66773a54f00d04b6e83fb4a0e5c2b88b4cd7869614b850c997.exe
-
Size
1.3MB
-
Sample
241112-pa2f4a1ndw
-
MD5
ffa5ccabd7e480570ce497773344965d
-
SHA1
926ed8bbf2fcf9992298bfe315fb7c6a98e85b08
-
SHA256
3ecb1979f5156f66773a54f00d04b6e83fb4a0e5c2b88b4cd7869614b850c997
-
SHA512
919a8b74cb61131ca9a4b8c6fae54e77671b460cec3be13a785e92a691d246daea02ee4baf259cfc240fc42faacd9b7b64243e11856725d521225d142b52487e
-
SSDEEP
24576:64vr4B9f01ZmQvrb91v92W9C05wkEPSOdKkrzEoxrC9toC9Dq9onkt:64kB9f0VP91v92W805IPSOdKgzEoxrlF
Static task
static1
Behavioral task
behavioral1
Sample
3ecb1979f5156f66773a54f00d04b6e83fb4a0e5c2b88b4cd7869614b850c997.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3ecb1979f5156f66773a54f00d04b6e83fb4a0e5c2b88b4cd7869614b850c997.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score 10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-