General
-
Target
9cedf4fd20dbc98db00f754d03ff022bd1b8c2d59f403051faf32466d32b9095N
-
Size
512KB
-
Sample
241107-e9hsxsxreq
-
MD5
be63d509f195ccc387c76082bee1c070
-
SHA1
3d789d4c49e4f81e56bdef8a17dd46af23912f05
-
SHA256
9cedf4fd20dbc98db00f754d03ff022bd1b8c2d59f403051faf32466d32b9095
-
SHA512
b537d7c882335a26df7e9cbf20fe38183c15eed98eb729e35063c8767af1332878b2e3fd581a9351f8485b972f0a8f2e8f272aec58c9e110182c931b46ba1659
-
SSDEEP
6144:GpwcPUZ55tTDUZNSN58VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:OU55t6NSN6G5t1sI5yl48pArv8o4L
Static task
static1
Behavioral task
behavioral1
Sample
9cedf4fd20dbc98db00f754d03ff022bd1b8c2d59f403051faf32466d32b9095N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9cedf4fd20dbc98db00f754d03ff022bd1b8c2d59f403051faf32466d32b9095N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score 10/10
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-