General
Target: 0e6f3db80768b43770b8f2cee75b29b0411b88e448747a50e8cb743b8da5fe11N
Size: 250KB
Sample: 241107-erpthsxpal
MD5: c1683393814c74744134f077d9c3cf50
SHA1: 51f2b48d934108b714982c8e50d6b0afd228ffc4
SHA256: 0e6f3db80768b43770b8f2cee75b29b0411b88e448747a50e8cb743b8da5fe11
SHA512: 34ade6b5c18a82ffe2759eacb0b13e7260a1ea47b4ba5c14a223ae52e285f2cbb9f9ea2052bea7a151bfeb10cfcb42cdf9aa05656744896c5c7bc5f3c52a810a
SSDEEP: 6144:F4UHZtL2b2vCvfmZ7KRRRGBCvfmZ7KFpNlJTBCvfmZ7d:eUZta7
Static task
static1
Behavioral task
behavioral1
Sample
0e6f3db80768b43770b8f2cee75b29b0411b88e448747a50e8cb743b8da5fe11N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0e6f3db80768b43770b8f2cee75b29b0411b88e448747a50e8cb743b8da5fe11N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory