General
Target
233b728cf4da754b6b1f0fd67a4fc0710a8e3d8483e09e427949ddea2fdc397eN
Size
226KB
Sample
241107-knsznaylax
MD5
e974bae10757b41b30e7eee76eb42100
SHA1
1a35f5b1d11ca4e32edd42d278dfd0b1e9480e02
SHA256
233b728cf4da754b6b1f0fd67a4fc0710a8e3d8483e09e427949ddea2fdc397e
SHA512
9f5d0c652170a2bf3362f25346041e5303f489a74bd023a4506a2b7b113d75134b65cfd3ae14df8d49b6cf399c6f07264ec28b30ff0df8b02f84b8a18e86f27e
SSDEEP
3072:Or51KlCSB3pMXYwDKcWmjRvDKcpDKcWmjRrzNtQtjDKcWmjRrzNtb:Z3pMXYJxEtQtsEtb
Static task
static1
Behavioral task
behavioral1
Sample
233b728cf4da754b6b1f0fd67a4fc0710a8e3d8483e09e427949ddea2fdc397eN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
233b728cf4da754b6b1f0fd67a4fc0710a8e3d8483e09e427949ddea2fdc397eN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
233b728cf4da754b6b1f0fd67a4fc0710a8e3d8483e09e427949ddea2fdc397eN
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory