General
-
Target
06aa75f1c477aaa46c9ec5b14c89318bb464eb2091244ce8a86990c8672265fbN.exe
-
Size
108KB
-
Sample
241112-rclvjasrb1
-
MD5
c4179175b4006a17c170eecb568b93f0
-
SHA1
45add09714720faf2d7338888bf443c4d6c06cba
-
SHA256
06aa75f1c477aaa46c9ec5b14c89318bb464eb2091244ce8a86990c8672265fb
-
SHA512
51ad4d404bfcadecdab78d19c2af5c228398fa6548dc7d523b44a39feb1e2e6a976b4295ada719a1968c186fa20e6cff158fbc6eeafb3336ba6bea6041b2a20b
-
SSDEEP
3072:IzlxDJzQxNHzK/A38xUjmOiBn3w8BdTj2h3K:IzlxqxY/A38ujVu3w8BdTj2VK
Behavioral task
behavioral1
Sample
06aa75f1c477aaa46c9ec5b14c89318bb464eb2091244ce8a86990c8672265fbN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06aa75f1c477aaa46c9ec5b14c89318bb464eb2091244ce8a86990c8672265fbN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
06aa75f1c477aaa46c9ec5b14c89318bb464eb2091244ce8a86990c8672265fbN.exe
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-