General
-
Target
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5
-
Size
67KB
-
Sample
241222-3lh1sa1rcs
-
MD5
bc6731a19e5c2848ac800c65a1846c15
-
SHA1
9695cc9f0a733bb4b9567104bfddacf2b13d1b0e
-
SHA256
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5
-
SHA512
a3931257f6a1aea6a6fe7fb8db92fffa54c31ced3cb98d346cf222c33e7076de694443741ddad33f6488159824d7e0a42b4ccd2b5c69230794f19f72c05c93a5
-
SSDEEP
768:yYDDv9VwZz7XlRMOTKA7OmTSS9eX/1H5rP1PEVErME/feYvn1q/D2ZuAx0GoEkED:y8DzwZzJ+OeACmThIfsJifTduD4oTxw
Static task
static1
Behavioral task
behavioral1
Sample
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5
-
Size
67KB
-
MD5
bc6731a19e5c2848ac800c65a1846c15
-
SHA1
9695cc9f0a733bb4b9567104bfddacf2b13d1b0e
-
SHA256
6fd6546b72266ca0e23811699e2b03dc506c65f9251485d910e5218a1b64c2f5
-
SHA512
a3931257f6a1aea6a6fe7fb8db92fffa54c31ced3cb98d346cf222c33e7076de694443741ddad33f6488159824d7e0a42b4ccd2b5c69230794f19f72c05c93a5
-
SSDEEP
768:yYDDv9VwZz7XlRMOTKA7OmTSS9eX/1H5rP1PEVErME/feYvn1q/D2ZuAx0GoEkED:y8DzwZzJ+OeACmThIfsJifTduD4oTxw
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-