General
-
Target
71090b19df3feeedcf8768c4eba034e541070a4b444a8e743669b9fe541ed227N
-
Size
45KB
-
Sample
241110-r9atjayfkl
-
MD5
b5dd08be98777a1f721f43788a0614f0
-
SHA1
28b95cb96e3b6d68779db03f69aab28ea901075f
-
SHA256
71090b19df3feeedcf8768c4eba034e541070a4b444a8e743669b9fe541ed227
-
SHA512
1decd2625a70c64d55e4c5b660e69e8cbf2ce8c1ffa11b9f93e5ed5f7724a9f253be291db5fe8044bed8064ad4029269a1d7da5bd4b9bcb64e84578e4a99ce6e
-
SSDEEP
768:joJN3duay6ok8loP3vd/ygDqGuOt6L4wq+WQqT87EllQ1d0/1H50:joJddu3vk84xbGpOt6L4wq+WQg87Ell2
Static task
static1
Behavioral task
behavioral1
Sample
71090b19df3feeedcf8768c4eba034e541070a4b444a8e743669b9fe541ed227N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
71090b19df3feeedcf8768c4eba034e541070a4b444a8e743669b9fe541ed227N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
71090b19df3feeedcf8768c4eba034e541070a4b444a8e743669b9fe541ed227N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-