General
-
Target
c0b7adff58c9384b9b8f3e0654840e85ad4a270f00900f9d0c75f33244a9e998
-
Size
411KB
-
Sample
241110-cs1ajaxdmn
-
MD5
bccf599127fa2da691aa29e9fe71b835
-
SHA1
86ab9a7f5bfac92abd34dcb77576d46bf1f4a194
-
SHA256
c0b7adff58c9384b9b8f3e0654840e85ad4a270f00900f9d0c75f33244a9e998
-
SHA512
40b0cb4088520665618ccce980a40d47997f8a9d0f6d777568bcc3b56dfd2d4a1f4ed33f46114cace2f838725da5db322a444a0642d8c10d17510cb4cc3fae77
-
SSDEEP
6144:ZXMcU86s21L7/s50z/Wa3/PNlP59ENQdgrb8X6SJqGaPonZh/nr0xuIKjyAH9SKO:Z8ck705kWM/9J6gqGBf/sAHZHbg5
Static task
static1
Behavioral task
behavioral1
Sample
c0b7adff58c9384b9b8f3e0654840e85ad4a270f00900f9d0c75f33244a9e998.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c0b7adff58c9384b9b8f3e0654840e85ad4a270f00900f9d0c75f33244a9e998.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
c0b7adff58c9384b9b8f3e0654840e85ad4a270f00900f9d0c75f33244a9e998
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-