General
-
Target
b09219f6e314dfe5d5a6a86ed31b1d546a34e50c55e08b88a9583a1e49af4d48N
-
Size
52KB
-
Sample
241110-nndrhswekb
-
MD5
52fbdf97a0affcae19ef0d55183bfc10
-
SHA1
a5256cb0e39a9d5cb102f3f7b9770c30caae4991
-
SHA256
b09219f6e314dfe5d5a6a86ed31b1d546a34e50c55e08b88a9583a1e49af4d48
-
SHA512
08586fede7df116b66fce0981d564adb17ebc441849a1448aff54a8c79025c70ea447c2d107feed5333f8fec33c82ba87117a25fe3671e89aee28aade8841783
-
SSDEEP
768:u8Srt5ArhTUBqwFeCvkqqIbwsY4l31LyQbvhN4/1H5F/sXWMABvKWe:zYtuNYvQCsqTbTbLWQbpN++WMAdKZ
Static task
static1
Behavioral task
behavioral1
Sample
b09219f6e314dfe5d5a6a86ed31b1d546a34e50c55e08b88a9583a1e49af4d48N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b09219f6e314dfe5d5a6a86ed31b1d546a34e50c55e08b88a9583a1e49af4d48N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
b09219f6e314dfe5d5a6a86ed31b1d546a34e50c55e08b88a9583a1e49af4d48N
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-