General
-
Target
4858787e2d256f0049239e42f9c480e20cc9e83f24589799250fb4975bb61644
-
Size
395KB
-
Sample
241223-zz8xks1ne1
-
MD5
54aa753a3e4a8e78b5742002f260800b
-
SHA1
120711d270bdcbd1265b265d7c954767d607f1a3
-
SHA256
4858787e2d256f0049239e42f9c480e20cc9e83f24589799250fb4975bb61644
-
SHA512
b17c19371954d80991e0e354e06bec03c5b6eae3ab9a7d0428e777ac4f0d7a9df5d0f5ac0a5e17b5d2d90c99edfd6396ff9b0e7e26358deb68cc9b3f9c04c496
-
SSDEEP
3072:moWvmVZJ6DCes7LlNwl5LPqdFQ/G0u3NNU7BS+CU7BS+9s7LlNwl5LPqNFQ/G0uJ:1Des4y70u4HXs4yr0u490u4Ds4yvW8lM
Static task
static1
Behavioral task
behavioral1
Sample
4858787e2d256f0049239e42f9c480e20cc9e83f24589799250fb4975bb61644.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
4858787e2d256f0049239e42f9c480e20cc9e83f24589799250fb4975bb61644.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
4858787e2d256f0049239e42f9c480e20cc9e83f24589799250fb4975bb61644
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-