General
-
Target
Backdoor.Win32.Berbew-c2b59caf57d505a4dee9a0b47aa88d47cab182373d986fb3661b5bdd454040feN
-
Size
49KB
-
Sample
240916-m2ys6steqn
-
MD5
d10b2105dfb1a1676f22ac10941f40a0
-
SHA1
faa63b7f799ed5de30f47e3be079f8d3745c965b
-
SHA256
c2b59caf57d505a4dee9a0b47aa88d47cab182373d986fb3661b5bdd454040fe
-
SHA512
7791084f5325f07e14a8e75216ca263bd56ad1acce7b2945969575091210666a206f0e592a9f51de4a02657e0670d53d7ca491d931a7a08109f50bfa1890d9dc
-
SSDEEP
768:EjjicnZ4HQuQDeK2xpz5+nyh8SHuyH9G0MXA/1H532Xdnh:EnHZGADd2xpz5+nzSHuyH9G0IGy
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
Backdoor.Win32.Berbew-c2b59caf57d505a4dee9a0b47aa88d47cab182373d986fb3661b5bdd454040feN
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-