General
-
Target
9e63d4d493c2789f1dd7f523cc27436b15c0799a6629e15c82b0572ae2088e12
-
Size
91KB
-
Sample
241110-besg4awejg
-
MD5
876847c0983a9c96ea228278cfbc63f8
-
SHA1
374db4a5623a69af0b5093ae4a25f23f8be9c0b2
-
SHA256
9e63d4d493c2789f1dd7f523cc27436b15c0799a6629e15c82b0572ae2088e12
-
SHA512
e2a8075b61943e2e90c29cf647c0526ee22b53e72c57e7492678f7afa95de6136d82a011adb207c0bb2d68d0950afc794a09c5206ce329467cd91b060261b60c
-
SSDEEP
1536:MGSKn+s/TMPLeESaWirVROw9e9FalLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaadhC:HSKMzeHaWEEFalLBsLnVUUHyNwtN4/nG
Static task
static1
Behavioral task
behavioral1
Sample
9e63d4d493c2789f1dd7f523cc27436b15c0799a6629e15c82b0572ae2088e12.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9e63d4d493c2789f1dd7f523cc27436b15c0799a6629e15c82b0572ae2088e12.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
9e63d4d493c2789f1dd7f523cc27436b15c0799a6629e15c82b0572ae2088e12
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-