General
-
Target
72a2b9f103447dfde42f17fc09137d00d5ef462aed90c4875207077b0c607757N
-
Size
64KB
-
Sample
241110-bj6khsweqd
-
MD5
8a7c19278db864ca2d928c2bb10ac710
-
SHA1
9f215df79da5be597bdaf290cf90b10d867e6ad2
-
SHA256
72a2b9f103447dfde42f17fc09137d00d5ef462aed90c4875207077b0c607757
-
SHA512
dd2c1d659b85ddf05163651efa989d03daff0b2c4a0f97fcb9d6d31dadab4ccd25fae17e3d5f55e368fde4256b3219bd10e6f6445a036e34f0aafc5c60315854
-
SSDEEP
768:bOYnrV+qo2T3fc5E+KX8mTjPDKbRH+txu4+/1H54FYmGKA2kms8Y/ts/9d2NzYVp:aYrV+n2fc5E+K1zD2WyfrPFW2iwTbWv
Static task
static1
Behavioral task
behavioral1
Sample
72a2b9f103447dfde42f17fc09137d00d5ef462aed90c4875207077b0c607757N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
72a2b9f103447dfde42f17fc09137d00d5ef462aed90c4875207077b0c607757N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-