General
-
Target
0f261960f6b2da0ae18a2e9a041596b0d8164940d55f4df5d63a34362412a247N
-
Size
465KB
-
Sample
241109-l5flbsselg
-
MD5
b265e779c7e56c7e9295545b8e6832a0
-
SHA1
bc0413b18207cd92e1137c3464b922e7487aa2c0
-
SHA256
0f261960f6b2da0ae18a2e9a041596b0d8164940d55f4df5d63a34362412a247
-
SHA512
43c1040eb385ffef0b228e6a388e780305d219dd7ab242e1248cb4a0dea9172a8c7601948f0bab4d0b35704bbbc6b1cafa626979e5bb2e37f41b362f7975abe0
-
SSDEEP
6144:Wrmh0qOOVF5V4lKjIbvBhRJfzSf9x7N/I7b9M:WrsO8LKlUmpRe94a
Static task
static1
Behavioral task
behavioral1
Sample
0f261960f6b2da0ae18a2e9a041596b0d8164940d55f4df5d63a34362412a247N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
0f261960f6b2da0ae18a2e9a041596b0d8164940d55f4df5d63a34362412a247N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
0f261960f6b2da0ae18a2e9a041596b0d8164940d55f4df5d63a34362412a247N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-