General
-
Target
ac39a80256b0c2b9e28d677350c27a5191cb2942470dfd0aee190ec2a6d027f7
-
Size
297KB
-
Sample
241223-cflllstqdj
-
MD5
c7adc8f01cf43eb9bf33254c12a964f3
-
SHA1
b4421c22c0a03b8f792e194c47ac0f51524f6768
-
SHA256
ac39a80256b0c2b9e28d677350c27a5191cb2942470dfd0aee190ec2a6d027f7
-
SHA512
8efa7393d6b3e7fdbe4b72617f5d6c80a4415461ca5c296b4ae6abac82830551855e23b07c84eff2a94d216ba1a12cdc80ccdfa73ee4425742c8afa7c968e963
-
SSDEEP
6144:f1c17HaHtcpfZpui6yYPaIGckXBVbHmtswcoEe0g8IkQs4UAcoEwMY0g8IkQs4UY:tc17HaHtcpRpV6yYPoBVgsPpV6yYPHG8
Behavioral task
behavioral1
Sample
ac39a80256b0c2b9e28d677350c27a5191cb2942470dfd0aee190ec2a6d027f7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ac39a80256b0c2b9e28d677350c27a5191cb2942470dfd0aee190ec2a6d027f7.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score: 10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-