cerber | bdac9de853d9b77880dd0ad0e7498fdee8d437766c7a64d41172826446bdd82f | Triage

Submit
Reports

Overview

overview

Static

static

3

ImGui-KeyA...se.exe

windows7-x64

5

ImGui-KeyA...se.exe

windows10-2004-x64

Sharing

General

Target

ImGui-KeyAuth-Base.exe
Size

1.1MB
Sample

250209-288z2swjaq
MD5

802425f5934f95005e12059201c8a730
SHA1

f967f815fb8f7a724c58f5cb881056ea9f1cdd04
SHA256

bdac9de853d9b77880dd0ad0e7498fdee8d437766c7a64d41172826446bdd82f
SHA512

2164525c059d997e2d7659f4c8d371b1d515145ca3aa14681ba8886947d606c41fd00788856d9876488fa6892f5f880ee2eca0a5c775ed7ff447dd4003db16d3
SSDEEP

24576:Mxm2gKGN10QR0t1QEQ7l5kuGKFzFTSpkPcnz:wm2wH6I7lFFTFcn

Score

10^/10

cerber discovery ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ImGui-KeyAuth-Base.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

ImGui-KeyAuth-Base.exe

Resource

win10v2004-20250207-en

cerber discovery ransomware

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  ImGui-KeyAuth-Base.exe
- Size
  
  1.1MB
- MD5
  
  802425f5934f95005e12059201c8a730
- SHA1
  
  f967f815fb8f7a724c58f5cb881056ea9f1cdd04
- SHA256
  
  bdac9de853d9b77880dd0ad0e7498fdee8d437766c7a64d41172826446bdd82f
- SHA512
  
  2164525c059d997e2d7659f4c8d371b1d515145ca3aa14681ba8886947d606c41fd00788856d9876488fa6892f5f880ee2eca0a5c775ed7ff447dd4003db16d3
- SSDEEP
  
  24576:Mxm2gKGN10QR0t1QEQ7l5kuGKFzFTSpkPcnz:wm2wH6I7lFFTFcn
Score

10^/10

cerber discovery ransomware
- Cerber
  Cerber is a widely used ransomware-as-a-service (RaaS), first seen in 2017.
  ransomware cerber
- Cerber family
  cerber
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

cerberdiscoveryransomware

© 2018-2025

Terms | Privacy