General
Target: a36061b5a31821d936bc1dc565cf431a56fc6fd97802db0844b2d04a68156239
Size: 52KB
Sample: 241110-bk4sbavqgt
MD5: d1c5f19ec47d7f858a65f422ac47b3ef
SHA1: 211cc0ba4f420f9937a6f76d175f179857f049b8
SHA256: a36061b5a31821d936bc1dc565cf431a56fc6fd97802db0844b2d04a68156239
SHA512: 8afb53abd8e3390295cea7cfcc58435ae31e73301e054d29bb5e5bf1d7b991f6eb7c280877c61903dff7072c33a8901135e7797ddf2b452a3a5ad1ca69b28c1c
SSDEEP: 1536:Lo+3FJYgY7Nj5DRcybH4KZF8QMQIi/95yEhr+LMAdKZ:Lp6rl5yWiLMRZ
Static task: static1
Behavioral task: behavioral1
Sample: a36061b5a31821d936bc1dc565cf431a56fc6fd97802db0844b2d04a68156239.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: a36061b5a31821d936bc1dc565cf431a56fc6fd97802db0844b2d04a68156239.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target: a36061b5a31821d936bc1dc565cf431a56fc6fd97802db0844b2d04a68156239
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory