MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5c62782d077bc7d313f75e643ad404f04f006e666fa92608cd779b9121e854d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5c62782d077bc7d313f75e643ad404f04f006e666fa92608cd779b9121e854d4
SHA3-384 hash: f3f4c1e274b4b568e6f3413b709f080a1c368f0d719e786dccf3431e23b3eae1bdb1fb5365638c89ec7c2f8e794709af
SHA1 hash: e535ae6580b3e3200f0a099133f4b30a07b5f070
MD5 hash: 39e3618ef02269115eda9fbc38fdcfb8
humanhash: alaska-shade-pip-wolfram
File name:5c62782d077bc7d313f75e643ad404f04f006e666fa92608cd779b9121e854d4
Download: download sample
File size:946'618 bytes
First seen:2020-11-07 20:16:44 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash a64e048b98d051ae6e6b6334f77c95d3 (7 x Berbew)
ssdeep 24576:clx4xdgXUa6QiS+DqQPlx4xdgXUa6QiSk:I+DqQhk
Threatray 173 similar samples on MalwareBazaar
TLSH 32159E8592615D51D8F682F27FAF1605E8F26CBEE61B00FBBF4C78CA1ABD4414B4814E
Reporter seifreed

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Win.Dropper.Berbew-9106192-0
Create hunting rule

Win.Malware.Yakes-9669964-0
Create hunting rule

Win.Malware.Qukart-9669966-0
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a file in the Windows subdirectories
Creating a process from a recently created file
Creating a process with a hidden window
Enabling autorun
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/5c62782d077bc7d313f75e643ad404f04f006e666fa92608cd779b9121e854d4/
Threat name:
Win32.Backdoor.Berbew
Create hunting rule
Status:
Malicious
First seen:
2020-11-07 20:38:45 UTC
AV detection:
28 of 29 (96.55%)
Threat level:
  5/5
Verdict:
unknown
Similar samples:
452f8859d1b67e0bf9e98be9babbaf597ff1fade06ad646d306ec1cc15cee0e5
477435b5dffab09deb3fbc0ceba951a59608ff19d66c794b0895ae45cac38a01
5ba5f7772ac0532f17497df1089af92ebe63e918c956132327cc9d3bd6c61b31
5e7a5f8ea8ad4086e0c320986b628e4a606590e6f5e5c4a36968a6be2b89a6e2
93250c493eb18e3d5239f8386453d1e1b26bb2f6d3f47a9038132b6da217c2b6
9601c268a4fab57aeda5c79ce310d4e7364dbc643a526b6d80599d23459f1dfd
a4df4e0de251fdc2d1c250c93b784c60773e366bde6eb7ead3f807f0945dd8bd
b399f7597a61aaf1eb5fc44e64786ec1625712c8ca4005f8f60b3c5430d724e3
c11d3762d7c2f6eec3129a48d06f3b22664dbd4c97ca50c1bae5d0974912d265
f53bdad654d80edc2e2ee1203f5a36315569dcec2e29ad6770783c56287b268d
+ 163 additional samples on MalwareBazaar
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments