General
-
Target
8f5de93576484f382b8ed5055a17b1853d744f073fb4da929dc4d0d8e197d863N.exe
-
Size
93KB
-
Sample
241112-q6be8axken
-
MD5
c67665d5732f971a4c2ef202836c4220
-
SHA1
cc7878c061415e034d1ff42f14100a09c12f2029
-
SHA256
8f5de93576484f382b8ed5055a17b1853d744f073fb4da929dc4d0d8e197d863
-
SHA512
e269c99ec1a55f7cc901c573656b405c7db5f81b8fba5fc020afe2f5607194fec51ee6e7de8b92a12f5438b122b80c3de5cc93a6176f040ff1e3591d814075a3
-
SSDEEP
1536:EV3k1In4Udovktf+3JNn1UvJB/aOHoToRQApRJJ5R2xOSC4Bus3cO57OWxXPu4nT:G3k1Y4xvktf+331UxlaOH5eqrJ5wxO3A
Static task
static1
Behavioral task
behavioral1
Sample
8f5de93576484f382b8ed5055a17b1853d744f073fb4da929dc4d0d8e197d863N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
8f5de93576484f382b8ed5055a17b1853d744f073fb4da929dc4d0d8e197d863N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
8f5de93576484f382b8ed5055a17b1853d744f073fb4da929dc4d0d8e197d863N.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-