General
-
Target
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73
-
Size
79KB
-
Sample
241208-dlbt2ayrcs
-
MD5
eda86f72c04043e0933464dd4b8589e0
-
SHA1
c68c15079e9ce58ed8ba347634444d3ecbb98d45
-
SHA256
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73
-
SHA512
ad493f0c28687132cb8a5f604d0ec7b2e59c2dd33110eccaf3e564661339ccd5e08e1f090bdf3c6fc42272df391187b72916303a3403d6c6814e5cd3d3fda183
-
SSDEEP
1536:YX2yYn2xkX+jkkqHlP+d7VnlZMrpgotbGJukR7YJfbj7RQLERbRUs3cO57OWxXPh:YX2p2xk0d7VjMSoy1Wv7eLElj9puE
Static task
static1
Behavioral task
behavioral1
Sample
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73
-
Size
79KB
-
MD5
eda86f72c04043e0933464dd4b8589e0
-
SHA1
c68c15079e9ce58ed8ba347634444d3ecbb98d45
-
SHA256
c9e037c50f6c644f1221c69b35647d0012e09bead739a7172328e7d37d291a73
-
SHA512
ad493f0c28687132cb8a5f604d0ec7b2e59c2dd33110eccaf3e564661339ccd5e08e1f090bdf3c6fc42272df391187b72916303a3403d6c6814e5cd3d3fda183
-
SSDEEP
1536:YX2yYn2xkX+jkkqHlP+d7VnlZMrpgotbGJukR7YJfbj7RQLERbRUs3cO57OWxXPh:YX2p2xk0d7VjMSoy1Wv7eLElj9puE
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-