General
-
Target
042bd01c0eccd4254790be07a49a05c79dd02782ed9c2c637cd1051064f00aedN.exe
-
Size
226KB
-
Sample
241111-mtqslaydqe
-
MD5
e85fec085f886450df05bd6d07302619
-
SHA1
05de1e45a96734bd0b924d2545e707c6943dcb61
-
SHA256
f084e600c45db628fe67eb3fed14ef2ef1c2fd818e173c56491a310045bbd27f
-
SHA512
32ef4f49b2bff647fe7154ec8526752f43a1877c89e123bff607cfefb2f3489b1577d453003a8119a57bcd301756655c2c759c5e0999d5ab26c93387d4166f42
-
SSDEEP
3072:AMMw33flDKcWmjRvDKcpDKcWmjRrzNtQtjDKcWmjRrzNtr:Sw3v+xEtQtsEtr
Static task
static1
Behavioral task
behavioral1
Sample
042bd01c0eccd4254790be07a49a05c79dd02782ed9c2c637cd1051064f00aedN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
042bd01c0eccd4254790be07a49a05c79dd02782ed9c2c637cd1051064f00aedN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
042bd01c0eccd4254790be07a49a05c79dd02782ed9c2c637cd1051064f00aedN.exe
-
Size
226KB
-
MD5
e85fec085f886450df05bd6d07302619
-
SHA1
05de1e45a96734bd0b924d2545e707c6943dcb61
-
SHA256
f084e600c45db628fe67eb3fed14ef2ef1c2fd818e173c56491a310045bbd27f
-
SHA512
32ef4f49b2bff647fe7154ec8526752f43a1877c89e123bff607cfefb2f3489b1577d453003a8119a57bcd301756655c2c759c5e0999d5ab26c93387d4166f42
-
SSDEEP
3072:AMMw33flDKcWmjRvDKcpDKcWmjRrzNtQtjDKcWmjRrzNtr:Sw3v+xEtQtsEtr
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-