General
-
Target
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620N
-
Size
64KB
-
Sample
241110-a8svaawbpr
-
MD5
5432fff48502202a48998795abaa2610
-
SHA1
cad313062688d57a9d94396771ca109a75e74eb7
-
SHA256
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620
-
SHA512
c49a48595968375c113ba2bc8f1573c038294b3c3bb0cbbe7ac1dbe43f92aebad7847e0e073ac5e76af3ac7d2cb7d5eb19c67ac2da4d4cf22b72051e025c512f
-
SSDEEP
768:qri02mD9Bjxv0yvbArCbY5N5wEpXBKUGhKF7DTMPr42H/1H5O6XJ1IwEGp9Thfz6:Q9jTbAmbM7rxOnRXUwXfzwv
Static task
static1
Behavioral task
behavioral1
Sample
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620N
-
Size
64KB
-
MD5
5432fff48502202a48998795abaa2610
-
SHA1
cad313062688d57a9d94396771ca109a75e74eb7
-
SHA256
4d6eef302a970362c46c4a0dcbc1c1a33631c8528f2a99ee5e4302b683f45620
-
SHA512
c49a48595968375c113ba2bc8f1573c038294b3c3bb0cbbe7ac1dbe43f92aebad7847e0e073ac5e76af3ac7d2cb7d5eb19c67ac2da4d4cf22b72051e025c512f
-
SSDEEP
768:qri02mD9Bjxv0yvbArCbY5N5wEpXBKUGhKF7DTMPr42H/1H5O6XJ1IwEGp9Thfz6:Q9jTbAmbM7rxOnRXUwXfzwv
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-