General
-
Target
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505bN
-
Size
63KB
-
Sample
241110-mp84dayjhl
-
MD5
3f6b1efc131c5a4bd3dfa7e4ca4e4280
-
SHA1
1a19b21e36f86a50efb9f78f89555079347cd137
-
SHA256
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505b
-
SHA512
6a1b72525627da7e70e1c503d55be023a16849a24b4d47127fade132e87ec35a0d99df232bb98c08aa711b384f87ebf8fec28738c202c61933fb06693bdb346b
-
SSDEEP
768:PdVtJiyVoml0BwsUFDd0gEVhBzaak/1H5oVEsmrUTvn93b7NRDMFME3eUgU:PdjJDqBz/6+VgEn9rjDHE
Static task
static1
Behavioral task
behavioral1
Sample
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505bN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505bN
-
Size
63KB
-
MD5
3f6b1efc131c5a4bd3dfa7e4ca4e4280
-
SHA1
1a19b21e36f86a50efb9f78f89555079347cd137
-
SHA256
9440d199d1d7358341b8f8a5ef21265bd60c1fbc86b44a6fe98d06ad35fe505b
-
SHA512
6a1b72525627da7e70e1c503d55be023a16849a24b4d47127fade132e87ec35a0d99df232bb98c08aa711b384f87ebf8fec28738c202c61933fb06693bdb346b
-
SSDEEP
768:PdVtJiyVoml0BwsUFDd0gEVhBzaak/1H5oVEsmrUTvn93b7NRDMFME3eUgU:PdjJDqBz/6+VgEn9rjDHE
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-