General
-
Target
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57N
-
Size
64KB
-
Sample
241107-ek6hpaxmhl
-
MD5
1b858bec18f269aa04aff6473830d2e0
-
SHA1
0be796aa02bfd83e135cc9a67be81aeb0e0fe02f
-
SHA256
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57
-
SHA512
47ed597e398146717df557c4a6bfc7fdc99d20b9c9acd83f5a8d3b9fd238291eb9f89eb1be71ce18108c8249dfd9251375fcf5824328e82a9c3fcf7d19354057
-
SSDEEP
768:HzANO5wReg/oLMNFsXj9h9992sXKwAgc/9fzB+g+O1Pj/1H5K6XJ1IwEGp9Thfz6:IO5YZ/BWj9D7Ygc5ykPVFXUwXfzwv
Static task
static1
Behavioral task
behavioral1
Sample
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57N
-
Size
64KB
-
MD5
1b858bec18f269aa04aff6473830d2e0
-
SHA1
0be796aa02bfd83e135cc9a67be81aeb0e0fe02f
-
SHA256
a6626d32412abf2f7a05f3fc39b47f768c373b84b2e42a0d4f8aa189b27ffd57
-
SHA512
47ed597e398146717df557c4a6bfc7fdc99d20b9c9acd83f5a8d3b9fd238291eb9f89eb1be71ce18108c8249dfd9251375fcf5824328e82a9c3fcf7d19354057
-
SSDEEP
768:HzANO5wReg/oLMNFsXj9h9992sXKwAgc/9fzB+g+O1Pj/1H5K6XJ1IwEGp9Thfz6:IO5YZ/BWj9D7Ygc5ykPVFXUwXfzwv
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-