General
-
Target
ae1c84c57aa6a38fe38be99140be58a77bbaf8988b0b2865a3b1ec17d2f9f913
-
Size
97KB
-
Sample
241110-b42gaswlcs
-
MD5
cfcfa54ceebdba517a5486ea24e0dce2
-
SHA1
b4c3404f549daffff272e05f0ca64f987684e04c
-
SHA256
ae1c84c57aa6a38fe38be99140be58a77bbaf8988b0b2865a3b1ec17d2f9f913
-
SHA512
b3c399264e257ceea5b6a70d37543ebbd770225d7862ee9b530c781f6903f6aac520a180bef8c70e92baa8e114b9f460d3888684f402ec660f9e83acffdf9918
-
SSDEEP
1536:aU/ihgkl94hm7JmrR3fmt3XUwXfzwE57pvJXeYZ6:F/CgkVmrNmFPzwm7pJXeK6
Static task
static1
Behavioral task
behavioral1
Sample
ae1c84c57aa6a38fe38be99140be58a77bbaf8988b0b2865a3b1ec17d2f9f913.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ae1c84c57aa6a38fe38be99140be58a77bbaf8988b0b2865a3b1ec17d2f9f913.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-