General
-
Target
Backdoor.Win32.Berbew-20af40cbc3e69ab12d397585961f78969bc0aeadbf5adf698d01d992ad1180c6N
-
Size
49KB
-
Sample
240916-m3kb6stfjm
-
MD5
328245cab0e355c369fb5736fefff350
-
SHA1
800f9e776827af80c6589dac631830bb14deca78
-
SHA256
20af40cbc3e69ab12d397585961f78969bc0aeadbf5adf698d01d992ad1180c6
-
SHA512
afb34badc7ce19a4584b401251f6d01701c3cb52f81591f9e811a52f45c9bb4f6154180145aa6704b19c75130b3963098b7aa48d0d5f8381ecf2ef7fb004104d
-
SSDEEP
768:EHfV4bK0JZKv3JMnV7R+DP2m8DfhxtMGtCt6wnuh//1H5BtH2Xdnh:EHfV4eD3CnV1+DHQthtCt6UaRu
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
Backdoor.Win32.Berbew-20af40cbc3e69ab12d397585961f78969bc0aeadbf5adf698d01d992ad1180c6N
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-