General
-
Target
5533c61da3edb08a688aa9bbc7a17f9fafca0ca122f6138b67b98f489f5a4e7f
-
Size
56KB
-
Sample
241004-1p1znasfnh
-
MD5
78ee230654de429198c5571eda91fdf1
-
SHA1
21b1340d30a5bc35859ca023843fa760eb78f36a
-
SHA256
5533c61da3edb08a688aa9bbc7a17f9fafca0ca122f6138b67b98f489f5a4e7f
-
SHA512
23036debc33a3f395ed9b19144ddfbfc9d9feb572f07a0a6b17764f9aca8196eebd3b351036d79a9177eadba7684606482c9e1ee4cfbcaee2391a0c4ca2b38d7
-
SSDEEP
1536:TiMcIiG8Vu9HVWU8OzvGvvPPPMJZC3H7:mjqHVfhw3H7
Malware Config
Extracted
berbew
http://crutop.nu/index.php
http://devx.nm.ru/index.php
http://ros-neftbank.ru/index.php
http://master-x.com/index.php
http://www.redline.ru/index.php
http://cvv.ru/index.php
http://hackers.lv/index.php
http://fethard.biz/index.php
http://crutop.ru/index.php
http://kaspersky.ru/index.php
http://color-bank.ru/index.php
http://adult-empire.com/index.php
http://virus-list.com/index.php
http://trojan.ru/index.php
http://xware.cjb.net/index.htm
http://konfiskat.org/index.htm
http://parex-bank.ru/index.htm
http://fethard.biz/index.htm
http://ldark.nm.ru/index.htm
http://gaz-prom.ru/index.htm
Targets
-
-
Target
5533c61da3edb08a688aa9bbc7a17f9fafca0ca122f6138b67b98f489f5a4e7f
-
Size
56KB
-
MD5
78ee230654de429198c5571eda91fdf1
-
SHA1
21b1340d30a5bc35859ca023843fa760eb78f36a
-
SHA256
5533c61da3edb08a688aa9bbc7a17f9fafca0ca122f6138b67b98f489f5a4e7f
-
SHA512
23036debc33a3f395ed9b19144ddfbfc9d9feb572f07a0a6b17764f9aca8196eebd3b351036d79a9177eadba7684606482c9e1ee4cfbcaee2391a0c4ca2b38d7
-
SSDEEP
1536:TiMcIiG8Vu9HVWU8OzvGvvPPPMJZC3H7:mjqHVfhw3H7
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew
Berbew is a backdoor written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-