General

  • Target

    d4da75ccd31a6dc94b617b6742dc841ae7ff0d445e6b72a803b6a5ae80610484N

  • Size

    259KB

  • MD5

    b816959601f51be93707a2e92fb96190

  • SHA1

    4dbde684ee87cd2d6bcbe9cc95c1ce8fb9cf736d

  • SHA256

    d4da75ccd31a6dc94b617b6742dc841ae7ff0d445e6b72a803b6a5ae80610484

  • SHA512

    3d0f20486720ccab3c2db667a64957b57d726b0204c39f3bfbad4d920655dd585f7119582f386debbc2894a342dd989d25ee3545446161571759ac638d35db1c

  • SSDEEP

    3072:wFB5C0DOao0j8S6J9IDlRxyhTbhgu+tAcrzkAqSxYIhOmTsF93UYfwC6GIoutz5s:wFB5C09j8S6sDshsrYIcm4FmowdHoSa

Score
10/10

Malware Config

Extracted

Family

berbew

C2


Signatures

  • Berbew family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d4da75ccd31a6dc94b617b6742dc841ae7ff0d445e6b72a803b6a5ae80610484N
    .exe windows:1 windows x86 arch:x86


