General
-
Target
03fefde3fb961cb236dcec7f4dec9844eda9c9aeac42be39d360927ff9e3be6fN
-
Size
1.2MB
-
Sample
241110-s441vszelg
-
MD5
d3738301635054289263ae1131f36fe0
-
SHA1
78d2f195fc847b570d59658e01e9191dfc628b7d
-
SHA256
03fefde3fb961cb236dcec7f4dec9844eda9c9aeac42be39d360927ff9e3be6f
-
SHA512
72e100185b80dc5a4adcd81f98264c47e1317e7eb53f49bc06b92129f78b362ac2d03db32889d894e193e1dab67ef67997dad28a6112aead2c070a021039133e
-
SSDEEP
24576:iE3njaPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZHp3oWQy60as:93njEbazR0vKLXZWy60as
Static task
static1
Behavioral task
behavioral1
Sample
03fefde3fb961cb236dcec7f4dec9844eda9c9aeac42be39d360927ff9e3be6fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
03fefde3fb961cb236dcec7f4dec9844eda9c9aeac42be39d360927ff9e3be6fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
03fefde3fb961cb236dcec7f4dec9844eda9c9aeac42be39d360927ff9e3be6fN
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-