General
-
Target
4463c25897014b293142c190d9403795834abf2c7f96a3a8bc024d36b28c62d7.exe
-
Size
96KB
-
Sample
241112-q1pewsspa1
-
MD5
33b6172b23cc0a15a582d8a8dcc94aef
-
SHA1
b6f4286e3884115884dd26bdc9a8ed8ea996e882
-
SHA256
4463c25897014b293142c190d9403795834abf2c7f96a3a8bc024d36b28c62d7
-
SHA512
ee90cf8ac7972ff4cc30a691d9ef5d685abc6d886f7f4d9dd2713aeae210b4d39a0782c14b2f3555ba04c18ba1cc47985d0e22ec3021a93c909e096b07fd29d4
-
SSDEEP
1536:2ER9nZ0a1k29n1rNBFvHUU9OSPjdCy+GRXXXXXXXXXXXXXXsXXXXXXxHXXXXXXy2:bnSghnFPUU9FBCyL/VskkVwtC7
Static task
static1
Behavioral task
behavioral1
Sample
4463c25897014b293142c190d9403795834abf2c7f96a3a8bc024d36b28c62d7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4463c25897014b293142c190d9403795834abf2c7f96a3a8bc024d36b28c62d7.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
4463c25897014b293142c190d9403795834abf2c7f96a3a8bc024d36b28c62d7.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-