General
Target
ec9f28ac71e73bd65e42d0c73bd6bb4e55e4839ffcc3294c9dd3ee9b0d7a4cc7N.exe
Size
144KB
Sample
241222-rfn43a1mcj
MD5
b9b8888f986f41d607869b9b07aea860
SHA1
a7a851d035521790a30c65945a1bfaa9c371f42e
SHA256
ec9f28ac71e73bd65e42d0c73bd6bb4e55e4839ffcc3294c9dd3ee9b0d7a4cc7
SHA512
0a1f3e216c6bae38e058914400cde648f28f2e3adc983d5dc8cad29c863852a35fb383c41cfb4c82e9786285cea7c1b16c31d6842196e49bcc4091630a257d79
SSDEEP
3072:kdEEoPT0gs1CcQJsnCcYzGYJpD9r8XxrYnQg4sI+:LZ27qLcCGyZ6Yu+
Static task
static1
Behavioral task
behavioral1
Sample
ec9f28ac71e73bd65e42d0c73bd6bb4e55e4839ffcc3294c9dd3ee9b0d7a4cc7N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ec9f28ac71e73bd65e42d0c73bd6bb4e55e4839ffcc3294c9dd3ee9b0d7a4cc7N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory