General
Target
d3e73c29d2aea8bd596dd993ad30d8487fbf4e790feaac9fced620b3219ed29bN
Size
64KB
Sample
241107-eabkkatpay
MD5
c90dfe148a79fb817b970f1bb6b3f2b0
SHA1
16f3079dda03ab159349b04d241eb33f6c12a39e
SHA256
d3e73c29d2aea8bd596dd993ad30d8487fbf4e790feaac9fced620b3219ed29b
SHA512
0e0f23231ff514fae3a6535176b1a49afb8e5f3597aaf8220c0873f6286b14dd8f1f4f5e288b11ccd31f3f34ef5af566d96c08fd710485351f68421b932edf0a
SSDEEP
768:82KFhnAKJS4kZEZeMHOzGtqDDvLFMIPIbXydsqyavM/AQI0xx2/1H5B6XJ1IwEGQ:i6COWLydLyaUIXOXUwXfzwv
Static task
static1
Behavioral task
behavioral1
Sample
d3e73c29d2aea8bd596dd993ad30d8487fbf4e790feaac9fced620b3219ed29bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d3e73c29d2aea8bd596dd993ad30d8487fbf4e790feaac9fced620b3219ed29bN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory