General
-
Target
9c4844cde6763b75f9a8c5debb8b7c61f8d1dc54522215b06216b68b8119ff61
-
Size
69KB
-
Sample
241223-bqgvqstjfw
-
MD5
6689e504c26ef7e3cc541b889a522bc7
-
SHA1
0071cbf272c16c01d75d2036c9ce3a5b2913703b
-
SHA256
9c4844cde6763b75f9a8c5debb8b7c61f8d1dc54522215b06216b68b8119ff61
-
SHA512
f0caeeb259ab400311535a47e881d9f10e7451eaa8cae880224dbe159a94f16bda6a8764d0993759f2a803e0951145c945f0b366e5108550698aa85ecbb9cf94
-
SSDEEP
1536:+lJYeWMMhOSC8mjSNesFRtBlxNE9JFRt51BdplxNZVh9JFRt51BdplxNZVh9JFRG:+jYeLMt9mjSkFe0GNFn/GFZC1yY
Static task
static1
Behavioral task
behavioral1
Sample
9c4844cde6763b75f9a8c5debb8b7c61f8d1dc54522215b06216b68b8119ff61.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9c4844cde6763b75f9a8c5debb8b7c61f8d1dc54522215b06216b68b8119ff61.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
9c4844cde6763b75f9a8c5debb8b7c61f8d1dc54522215b06216b68b8119ff61
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-