General
-
Target
caea0801b8fbaba6fe61c3ada589f15542fbb757a0a652d799af8e7c66cb1448N
-
Size
345KB
-
Sample
241107-enw4eswamq
-
MD5
905a5528f3b6ab7d6c2567a5bfbae160
-
SHA1
08f85975df216e750f7256e64981da4b6c839c27
-
SHA256
caea0801b8fbaba6fe61c3ada589f15542fbb757a0a652d799af8e7c66cb1448
-
SHA512
235dc3aec4259d8b18280f264155ccd28bb77b0e23e13041a3208a44aa4ebc4cef80bb0584c2803da6584cca5cc847f2899d4272f06d5bb15b1ca1743e414ad5
-
SSDEEP
6144:A4+U4U3JdJCMaB4muz14QaYgTt+scaHACw6Ykw/a8dWBtp27DpomqcPMwNFN6aea:D94P1uznghoaHACwBkka8eGp7dPRr6af
Static task
static1
Behavioral task
behavioral1
Sample
caea0801b8fbaba6fe61c3ada589f15542fbb757a0a652d799af8e7c66cb1448N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
caea0801b8fbaba6fe61c3ada589f15542fbb757a0a652d799af8e7c66cb1448N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-