General
-
Target
bafe4c190c506fe630680ffe488c7aeb7d9bed097e2d0474844b91e8af8285fbN
-
Size
128KB
-
Sample
241109-plt66avang
-
MD5
4e84843e29145b9cd927ee1d3c0847c0
-
SHA1
32ac66d3b57810b5cb8e0a85da7cb52cf01358d1
-
SHA256
bafe4c190c506fe630680ffe488c7aeb7d9bed097e2d0474844b91e8af8285fb
-
SHA512
86b99c99da601d583beba45af4a2cea6d381852e941508cb2ea29f328572ceeabdd9f04951e4c9ce175467f7fd00a726f2713c1a83f5342f1da4742f79cc57bf
-
SSDEEP
3072:Yb3f2WUG9EwlbTKtKG7UDd0pCrQIFdFtLQ:2P2WUGKwla4G7Ux0ocIPF9Q
Static task
static1
Behavioral task
behavioral1
Sample
bafe4c190c506fe630680ffe488c7aeb7d9bed097e2d0474844b91e8af8285fbN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bafe4c190c506fe630680ffe488c7aeb7d9bed097e2d0474844b91e8af8285fbN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
bafe4c190c506fe630680ffe488c7aeb7d9bed097e2d0474844b91e8af8285fbN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-