General
-
Target
0279c7f8ccba561879857b83cee5dac00fb1980e88d8c0e26f843abbb2785090N
-
Size
512KB
-
Sample
241107-jafxha1kbl
-
MD5
8ce73002ad458bb434a17ed18593a610
-
SHA1
319e20c0d3fbd1a5a047e8b97f604fc0e237e76f
-
SHA256
0279c7f8ccba561879857b83cee5dac00fb1980e88d8c0e26f843abbb2785090
-
SHA512
ee942c8ef55277af1a2b4be2978121c8388ae7e95a9c0ca0cf3a091ed3c2415a47c194e382d454ac7d6ee3b11047594d40459e5bbebe30806739d94e68f5b672
-
SSDEEP
6144:J77ogTUZP8VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:J77mUG5t1sI5yl48pArv8o4L
Static task
static1
Behavioral task
behavioral1
Sample
0279c7f8ccba561879857b83cee5dac00fb1980e88d8c0e26f843abbb2785090N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0279c7f8ccba561879857b83cee5dac00fb1980e88d8c0e26f843abbb2785090N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
0279c7f8ccba561879857b83cee5dac00fb1980e88d8c0e26f843abbb2785090N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-