General
-
Target
edd62b3fdd4527f6c189346fda188843aa7dc25f9ed9663f49eb47f597f3da6fN.exe
-
Size
264KB
-
Sample
241222-ryjmas1qdn
-
MD5
85e269ce2f2d46b75b1f15bd1f2a3bc0
-
SHA1
4d501057710dd67755acb9f1fa772af4f51690b4
-
SHA256
edd62b3fdd4527f6c189346fda188843aa7dc25f9ed9663f49eb47f597f3da6f
-
SHA512
3a35b87175a59facdc0e8b169f846d8a801f02ca270838d5835d4327ec7d0a7d68ac93ca832b9cbfc7d218f25b3459348b62fc10d9c868d2c60eda704cb49024
-
SSDEEP
3072:Kc5XLq224ho1mtye3lFDrFDHZtObmOm3AIpwbjshrmP24ho1mtye3lFDrFDHZtO/:zLqbsFj5t13LJhrmMsFj5tw
Behavioral task
behavioral1
Sample
edd62b3fdd4527f6c189346fda188843aa7dc25f9ed9663f49eb47f597f3da6fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
edd62b3fdd4527f6c189346fda188843aa7dc25f9ed9663f49eb47f597f3da6fN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
edd62b3fdd4527f6c189346fda188843aa7dc25f9ed9663f49eb47f597f3da6fN.exe
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-