General
-
Target
306b02d2ae020a1840dd1f9142ba01afa08be80248419a3bc5b5c46f2cef282bN
-
Size
45KB
-
Sample
241109-j25pya1crn
-
MD5
a4681417d937284d1ed26feabb0449b0
-
SHA1
dc9bc8964d0f7aff75bc4086e4efe57d51ab91b0
-
SHA256
306b02d2ae020a1840dd1f9142ba01afa08be80248419a3bc5b5c46f2cef282b
-
SHA512
3218c18d8fb1382ac218662a18e78b1e2080d2aabd2004e111ae9ee90e25bc4a9602d51889e620134d9c7d69622dfcc41e022a3730ef36a4dc9d66e02df4cf8e
-
SSDEEP
768:2SaYGmbLuVcr9bzDaCQnGyMG5mkmcN+1Wqoah8jzMBv4Wwi9PPPPPQnih/1H5N:2SaY1uWRbzDaCQ553mcN+A77WwiSaD
Static task
static1
Behavioral task
behavioral1
Sample
306b02d2ae020a1840dd1f9142ba01afa08be80248419a3bc5b5c46f2cef282bN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
306b02d2ae020a1840dd1f9142ba01afa08be80248419a3bc5b5c46f2cef282bN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
306b02d2ae020a1840dd1f9142ba01afa08be80248419a3bc5b5c46f2cef282bN
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-