General
Target: 6ffaccef2d67ca42de011e4a4f6137d216b524a4c333c286dd1fc207014c7a2bN
Size: 182KB
Sample: 241110-ngyhcawdld
MD5: 11c70a43d6f5f23070a4630079a67660
SHA1: 6116b58f4b243afd5de4ace483d0cf9e13ee8743
SHA256: 6ffaccef2d67ca42de011e4a4f6137d216b524a4c333c286dd1fc207014c7a2b
SHA512: dade2067e83f1edc6bae6466aaac13e1486c89202b4205b85ad2fdcbca793d19df95114dbf43f37148e3fd8e2e38a4bebcb5b298bd151d9bcbc6e9d97a19b166
SSDEEP: 3072:/DdQbTnRmFZuYVE2ok8h8RuWFL8XpXJLCXszp7+QVk8h8RuWFL:R6mF432obuRuWFL8XpZLeszp7zVbuRuK
Behavioral task: behavioral1
Sample: 6ffaccef2d67ca42de011e4a4f6137d216b524a4c333c286dd1fc207014c7a2bN.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 6ffaccef2d67ca42de011e4a4f6137d216b524a4c333c286dd1fc207014c7a2bN.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target: 6ffaccef2d67ca42de011e4a4f6137d216b524a4c333c286dd1fc207014c7a2bN
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory