General
-
Target
e80d24544f1fc46b0cc2a35a66f2a00395f0a607b5c55c4eda133a0eca9132a7N.exe
-
Size
95KB
-
Sample
241112-rw21vsvcpn
-
MD5
b806be8864ddb8b90b3d466ce4c01100
-
SHA1
253e205d075dd501cb8319b5110a39f1158cf339
-
SHA256
e80d24544f1fc46b0cc2a35a66f2a00395f0a607b5c55c4eda133a0eca9132a7
-
SHA512
688d498a9b2d3b04518185162634574f4fbf2d9df439328468b0ec16260a8c912f2818ed8d1f00c64e2e8d4f1da30a03503f343ea48029c54273d64a5dc0fc95
-
SSDEEP
1536:2wYyD58GY/pCq6+SY7fKfi+WrxwNistIcgyr5vbMAAEQ6gJCK/1j6OM6bOLXi8Pz:2wYQ1Y/V6+P7791otIcgyrVbMAgl6Dr/
Static task
static1
Behavioral task
behavioral1
Sample
e80d24544f1fc46b0cc2a35a66f2a00395f0a607b5c55c4eda133a0eca9132a7N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e80d24544f1fc46b0cc2a35a66f2a00395f0a607b5c55c4eda133a0eca9132a7N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
e80d24544f1fc46b0cc2a35a66f2a00395f0a607b5c55c4eda133a0eca9132a7N.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-