General
-
Target
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb
-
Size
512KB
-
Sample
241222-3wclraslfj
-
MD5
bb5359b04b50bc7af625126aab4c988c
-
SHA1
5c48594b7b153558d165d30d8e64ea7e0352b374
-
SHA256
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb
-
SHA512
fab37e39a81a8bd2776406f0983907f9a6dc27f80201cfc5ba79d1bdee0a79c0865b49834028459c9f3c1aa1db1c3d45cbec4265a675050918d43a2943f75c47
-
SSDEEP
6144:HSm4VE1ZUZP8VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:yzGKUG5t1sI5yl48pArv8o4L
Static task
static1
Behavioral task
behavioral1
Sample
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb
-
Size
512KB
-
MD5
bb5359b04b50bc7af625126aab4c988c
-
SHA1
5c48594b7b153558d165d30d8e64ea7e0352b374
-
SHA256
783c5c5942853d3500a86e334f11b6605e8fe46c6063eb63b52f5c005c3b55fb
-
SHA512
fab37e39a81a8bd2776406f0983907f9a6dc27f80201cfc5ba79d1bdee0a79c0865b49834028459c9f3c1aa1db1c3d45cbec4265a675050918d43a2943f75c47
-
SSDEEP
6144:HSm4VE1ZUZP8VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:yzGKUG5t1sI5yl48pArv8o4L
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-