General
-
Target
016da3249793093d98c4af04c1e2ce79bccd53292d1c8f4c75a805d13cc784f3N
-
Size
64KB
-
Sample
241107-eh8v2atqdx
-
MD5
534fb8d891f1ebd1a5944e3d4eb76ea0
-
SHA1
b5f1a0e3e8951b7c96eefea69491885e68f529f5
-
SHA256
016da3249793093d98c4af04c1e2ce79bccd53292d1c8f4c75a805d13cc784f3
-
SHA512
7fb78d0c505430c06a34d8ab75254730cdc54f237d6bca95ade924806d0757bf39717dc14303b210337e702f793b7a2b11b38e4372b7f813d36d05e5b60d3a2f
-
SSDEEP
1536:h6KdqtiihzOEgZ5YVgd4zFpPWyAgrPFW2iwTbWv:h6YqsihzOEgQXPFW2VTbWv
Static task
static1
Behavioral task
behavioral1
Sample
016da3249793093d98c4af04c1e2ce79bccd53292d1c8f4c75a805d13cc784f3N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
016da3249793093d98c4af04c1e2ce79bccd53292d1c8f4c75a805d13cc784f3N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-