General
-
Target
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193N.exe
-
Size
88KB
-
Sample
241113-vg7jksvnfw
-
MD5
f48dfb53593838d6fe412dc9dea9c130
-
SHA1
d1ac89a7e0d208bba140862da9edae92a1a3558e
-
SHA256
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193
-
SHA512
05cd9e923df5d6bacc8f722829162f7a7f146524cf3098d4bbc3800b7b0bcc9a199f7c75b846ca03bf84ff8419d82a9ddeb33778f0ede9d0bbd0469d5f6c9f1d
-
SSDEEP
1536:6wcQls2i+NI61wQqrhm0pi5ZAwFL8QOVXtE1ukVd71rFZO7+90vT:6w3Zh0m0pi5ZbLi9EIIJ15ZO7Vr
Static task
static1
Behavioral task
behavioral1
Sample
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193N.exe
-
Size
88KB
-
MD5
f48dfb53593838d6fe412dc9dea9c130
-
SHA1
d1ac89a7e0d208bba140862da9edae92a1a3558e
-
SHA256
6ae671ea29a409700851859fd6e3f86883ebd7011a148ada93349f64355c1193
-
SHA512
05cd9e923df5d6bacc8f722829162f7a7f146524cf3098d4bbc3800b7b0bcc9a199f7c75b846ca03bf84ff8419d82a9ddeb33778f0ede9d0bbd0469d5f6c9f1d
-
SSDEEP
1536:6wcQls2i+NI61wQqrhm0pi5ZAwFL8QOVXtE1ukVd71rFZO7+90vT:6w3Zh0m0pi5ZbLi9EIIJ15ZO7Vr
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-