General

  • Target

    5b7d1cf4e87a13281f64478c3fdb1dcfdfb5e3168a80950cc8d5859c5857f0d1N

  • Size

    219KB

  • MD5

    c02e81ae00f992892a6ff7b1e6d90290

  • SHA1

    02a2edf5d1970a6c876854d6d862bc5eca085559

  • SHA256

    5b7d1cf4e87a13281f64478c3fdb1dcfdfb5e3168a80950cc8d5859c5857f0d1

  • SHA512

    ab80f6a164f9bb12ccbc0bab56323158ec51978d6cf043107c57af600101b0bd53a30a1738ad5bec0ed6587455dce09c4859ac567e8ec973d15125d589bf8e8c

  • SSDEEP

    3072:psgdlrvw5a57FPzwuZkO0aDb/IBPCOQvU6z314EXrjvwSfYrwBt:bn57VzDOO0aDD4PCxdXXwSfYrwB

Score
10/10

Malware Config

Extracted

Family

berbew

C2

http://tat-neftbank.ru/kkq.php

http://tat-neftbank.ru/wcmd.htm

Signatures

  • Berbew family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5b7d1cf4e87a13281f64478c3fdb1dcfdfb5e3168a80950cc8d5859c5857f0d1N
    .exe windows:1 windows x86 arch:x86

    95e6f8741083e0c7d9a63d45e2472360

