General
-
Target
a05c959a19117056c51d2dad0b4d36869ee934378bb54baaa871f73bd1cccf2dN.exe
-
Size
128KB
-
Sample
241112-r8lveaveph
-
MD5
99ceb1f1967c61426103bb4d42414255
-
SHA1
73719202ca18d8e3dfe4402259fde94fe9b57022
-
SHA256
2546c416b23c9c1bb23cc772f2b149e4c776abe1f528dc50bc705d127d5f5808
-
SHA512
3f8070dafbb5625c93c25ce661203cce5e02c9b96fe3329f8168ff7b99d2cca83a3ee6429421a2d0c5129f7aa6e0381cd46f98a87efa238bdd6c3e97bf315525
-
SSDEEP
3072:+kJDgWu+bXNDrFDHZtOgxBOXXwwfBoD6N3h8N5Gq:+kJDgiLr5tTDUZNSN59
Behavioral task
behavioral1
Sample
a05c959a19117056c51d2dad0b4d36869ee934378bb54baaa871f73bd1cccf2dN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a05c959a19117056c51d2dad0b4d36869ee934378bb54baaa871f73bd1cccf2dN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
a05c959a19117056c51d2dad0b4d36869ee934378bb54baaa871f73bd1cccf2dN.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-