General
-
Target
ffce9b90e8eeb2e770794aff40c6fada4101f381783f9c9ca7f87291397beda6N
-
Size
250KB
-
Sample
241109-g6ecfasldp
-
MD5
d5112ce663766c0dd660c65af1e62d40
-
SHA1
52330965f11303089e143eea689e2323f3fb7372
-
SHA256
ffce9b90e8eeb2e770794aff40c6fada4101f381783f9c9ca7f87291397beda6
-
SHA512
1e760f97977f40da23e90b5e00729aa75fbb72f3330a184b411edd0d8bd5c7f413264876123bd3bfa8397f031b0c287cbd92e44f5a63ba429387e1b916961a87
-
SSDEEP
6144:pOUWvCvfmZ7KRRRGBCvfmZ7KFpNlJTBCvfmZ7d:pO0
Static task
static1
Behavioral task
behavioral1
Sample
ffce9b90e8eeb2e770794aff40c6fada4101f381783f9c9ca7f87291397beda6N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ffce9b90e8eeb2e770794aff40c6fada4101f381783f9c9ca7f87291397beda6N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
Target
ffce9b90e8eeb2e770794aff40c6fada4101f381783f9c9ca7f87291397beda6N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-