General
-
Target
ebe08825e0bdcb2f3f95f86fe6585d70629d6c69b28d9a63b651cd4311121e29N
-
Size
128KB
-
Sample
241112-sbyndavfmd
-
MD5
80adf9bf8482c593bf80b2c969b2c380
-
SHA1
85e90a925cfaf8edd057b046fac133e40a701349
-
SHA256
ebe08825e0bdcb2f3f95f86fe6585d70629d6c69b28d9a63b651cd4311121e29
-
SHA512
44a30ef0ca00b7aa87ac2d66d743e3a45ac5b57a66687ef9637d988a0c0a4c0b6c87e3fb6d541bfe0c5675b5b6ccf3f4429255d45986a1d8ed9480cb71b7218a
-
SSDEEP
3072:FeqI44ijExFw7Fm69W6PGZDrFDHZtOgxBOXXwwfBoD6N3h8N5Gg:FBI8Exu7krP5tTDUZNSN57
Behavioral task
behavioral1
Sample
ebe08825e0bdcb2f3f95f86fe6585d70629d6c69b28d9a63b651cd4311121e29N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ebe08825e0bdcb2f3f95f86fe6585d70629d6c69b28d9a63b651cd4311121e29N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
Target
ebe08825e0bdcb2f3f95f86fe6585d70629d6c69b28d9a63b651cd4311121e29N
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-