General
-
Target
2aa1e1506cc44b4e73513b7c471cbb78719317a2c256ee9630e8b01ef7faf15d.exe
-
Size
71KB
-
Sample
241222-nccp3swkby
-
MD5
90c8efb099a5bfc808db493862004876
-
SHA1
5b3eb3ad3614ad00847c38091c34f46005d1266c
-
SHA256
2aa1e1506cc44b4e73513b7c471cbb78719317a2c256ee9630e8b01ef7faf15d
-
SHA512
b078ca372a60c7800913c131cca4006f5a46779ef28e8c1240beb1032eb156823284810997a6119f53c2dd9509bcf93af3b85eb1a0a50ef40e74f4a971b2295f
-
SSDEEP
1536:0YzRel+HIcqyuGOEaL3pE1R4slqEOUDVilyPRQ4EDbEyRCRRRoR4RkS:vRw+HI1hlEaLNslqEOIvPe4CEy032yaS
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
2aa1e1506cc44b4e73513b7c471cbb78719317a2c256ee9630e8b01ef7faf15d.exe
-
Size
71KB
-
MD5
90c8efb099a5bfc808db493862004876
-
SHA1
5b3eb3ad3614ad00847c38091c34f46005d1266c
-
SHA256
2aa1e1506cc44b4e73513b7c471cbb78719317a2c256ee9630e8b01ef7faf15d
-
SHA512
b078ca372a60c7800913c131cca4006f5a46779ef28e8c1240beb1032eb156823284810997a6119f53c2dd9509bcf93af3b85eb1a0a50ef40e74f4a971b2295f
-
SSDEEP
1536:0YzRel+HIcqyuGOEaL3pE1R4slqEOUDVilyPRQ4EDbEyRCRRRoR4RkS:vRw+HI1hlEaLNslqEOIvPe4CEy032yaS
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew
Berbew is a backdoor written in C++.
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-