General
-
Target
80889d59b92c0cfb8554443ccd6f5cec5ffaf6d04a72b55bf9c099cf8c90cb3a.exe
-
Size
89KB
-
Sample
241113-xbqd8axcnd
-
MD5
2a79ecadb7089fe494736a5344c00109
-
SHA1
a4be5f5bfcde6f9af49724b18a6dc4d4a1a2595f
-
SHA256
80889d59b92c0cfb8554443ccd6f5cec5ffaf6d04a72b55bf9c099cf8c90cb3a
-
SHA512
9c08928ed9218656d7d65b5c32681a1865e2702d0c6e0452a5a409781c830d4be89efb863ee57a1e64019b6c1e820e5266f199c4dd3c3a2fcdd5fc4f560f54a8
-
SSDEEP
1536:U6wDd6ytcU3TcE/yCFOD+paMGqCRQq+rj8CGyRQwR+KRFR3RzR1URJrCiuiNj5Qy:s5aU6pMGtRwrlewjb5ZXUf2iuOj22lpt
Static task
static1
Behavioral task
behavioral1
Sample
80889d59b92c0cfb8554443ccd6f5cec5ffaf6d04a72b55bf9c099cf8c90cb3a.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
80889d59b92c0cfb8554443ccd6f5cec5ffaf6d04a72b55bf9c099cf8c90cb3a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target
80889d59b92c0cfb8554443ccd6f5cec5ffaf6d04a72b55bf9c099cf8c90cb3a.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-