General
Target: f1eca89a5ad9ec58eb8d7701507d8e2843ab4c52692893450f186a432f7fdcf8
Size: 96KB
Sample: 241223-e5gp3awkgy
MD5: 2f79c55c93a1b115889fae6a34f86330
SHA1: 0d791284a5b2f0c5b983d6a29897d8d3923d3da3
SHA256: f1eca89a5ad9ec58eb8d7701507d8e2843ab4c52692893450f186a432f7fdcf8
SHA512: 6425ffd7133785b81659c7253db1998114f247dc706b29dc6b3dc77863dcfba858ed89dac9d7b62e2cdba4cbeb011a8ff118aa28db21943d58d580ae3de7c084
SSDEEP: 1536:FI3ld3fLM5NF8fQNVQy+nnaQuPnsjfu1hOvbdj9HIrZmkZaAjWbjtKBvU:FI3D3GCfainaQwYehOvbdjKAkZVwtCU
Static task: static1

Behavioral task: behavioral1
Sample: f1eca89a5ad9ec58eb8d7701507d8e2843ab4c52692893450f186a432f7fdcf8.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: f1eca89a5ad9ec58eb8d7701507d8e2843ab4c52692893450f186a432f7fdcf8.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Target: f1eca89a5ad9ec58eb8d7701507d8e2843ab4c52692893450f186a432f7fdcf8
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory