General
Target: 3d3d93a6abe12bf2781719ce069549b71723021214420c36bf886e96085a0adb.exe
Size: 512KB
Sample: 241112-pgekxaselq
MD5: 3efb857356a93fb72550a4a50d459b32
SHA1: 746fa999bd0a8f93f0d1d23e2e9d1357184c3060
SHA256: 3d3d93a6abe12bf2781719ce069549b71723021214420c36bf886e96085a0adb
SHA512: 1bc5e6cab43e8c7f3f98e610df7c30608de26c2a424f6178300511a7a8e6ffe9ef324e210538437ef976cb03e75b7554d5b0ba8a800d22744ccbd83e6e623388
SSDEEP: 6144:JcVclD853XBpnTfwNPbAvjDAcXxxXfY09cnEWPDZ3:+cJQBpnchWcZ3
Static task: static1
Behavioral task: behavioral1
Sample: 3d3d93a6abe12bf2781719ce069549b71723021214420c36bf886e96085a0adb.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 3d3d93a6abe12bf2781719ce069549b71723021214420c36bf886e96085a0adb.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory