General
Target
451ea88ae3d60c2f636d5a40a63a8df8b1d8a4e7e73f27df26098019984f757fN
Size
345KB
Sample
241107-kbml4s1qbj
MD5
f51fe392629669f06e40af374b709c90
SHA1
9033820ff57a52b374a7033a8e24e90e9128150f
SHA256
451ea88ae3d60c2f636d5a40a63a8df8b1d8a4e7e73f27df26098019984f757f
SHA512
d3191356e708d7a687248d517564c88d57f0a66f77596f9c8c9c0ea14c714cb633bf9e87d0e230ee5330f79968c5567f3c9e1c1bccb4d2c74ed8a6cf81abf648
SSDEEP
6144:dgxjvsCMaB4muz14QaYgTt+scaHACw6Ykw/a8dWBtp27DpomqcPMwNFN6aeK9kc:mxrZ1uznghoaHACwBkka8eGp7dPRr6af
Static task
static1
Behavioral task
behavioral1
Sample
451ea88ae3d60c2f636d5a40a63a8df8b1d8a4e7e73f27df26098019984f757fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
451ea88ae3d60c2f636d5a40a63a8df8b1d8a4e7e73f27df26098019984f757fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory