General
-
Target
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1
-
Size
72KB
-
Sample
241207-3haj8svngr
-
MD5
b36187631c432d18ce668338a5a9f47b
-
SHA1
45f112a6c4cebacfb8b505101ebd9b5371e0dc36
-
SHA256
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1
-
SHA512
3b9bca38d5838fb19d6405028962a8efb917b2756fdfcc2309664b806e489f9607b74c09e83108a9ef8ebb19cfdaa6d785b603df0cae94b11c1005c3aaabcb6d
-
SSDEEP
1536:Vcp+9C0xk5cO3dxu0HhIQbDkCHzYu0HJJAmCMoUYsIWkAMoUw8YEgsI0Qc4kAMok:Vcp+9CokCO3dxu0HhIUDP0HJ6xMoUYs6
Static task
static1
Behavioral task
behavioral1
Sample
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1
-
Size
72KB
-
MD5
b36187631c432d18ce668338a5a9f47b
-
SHA1
45f112a6c4cebacfb8b505101ebd9b5371e0dc36
-
SHA256
6a55ce0833053d2c3e79805d50f6a666582cf148c86b05503160fb71773029e1
-
SHA512
3b9bca38d5838fb19d6405028962a8efb917b2756fdfcc2309664b806e489f9607b74c09e83108a9ef8ebb19cfdaa6d785b603df0cae94b11c1005c3aaabcb6d
-
SSDEEP
1536:Vcp+9C0xk5cO3dxu0HhIQbDkCHzYu0HJJAmCMoUYsIWkAMoUw8YEgsI0Qc4kAMok:Vcp+9CokCO3dxu0HhIUDP0HJ6xMoUYs6
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-