General
-
Target
3816cbaa1211f7bf2613db6206b0d6b28186e8d713a23795ae0f497e7e7b881fN
-
Size
64KB
-
Sample
241110-mn432ayjgj
-
MD5
1d057623db67f64ecfa257cd12cde310
-
SHA1
969e23fd15167f94fcb0833797c2d8ee10189641
-
SHA256
3816cbaa1211f7bf2613db6206b0d6b28186e8d713a23795ae0f497e7e7b881f
-
SHA512
fad0e87d1d4f67d0dc9d3b257e3d44764114645f1ff966e1f51958a6d75eca37a5dbab6d64c9b6d6aad19e2a571b1cf471c8036fd9ce000763207414e0b96ad5
-
SSDEEP
1536:MznyreuvI3+DPOYYV9pZlLBsLnVLdGUHyNwi:LreYI3+LwZlLBsLnVUUHyNwi
Static task
static1
Behavioral task
behavioral1
Sample
3816cbaa1211f7bf2613db6206b0d6b28186e8d713a23795ae0f497e7e7b881fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3816cbaa1211f7bf2613db6206b0d6b28186e8d713a23795ae0f497e7e7b881fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
Target
3816cbaa1211f7bf2613db6206b0d6b28186e8d713a23795ae0f497e7e7b881fN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-