General
-
Target
e023659864f73dfc6f77738d0bc3a1c4d1be088522126412c56202fde5d2f274
-
Size
64KB
-
Sample
241224-cm1zwaynfy
-
MD5
352ece4ec2961cc6146c53b51787ed71
-
SHA1
211a61fb8503d3583db63ec2e7086b7d5ddbdfb4
-
SHA256
e023659864f73dfc6f77738d0bc3a1c4d1be088522126412c56202fde5d2f274
-
SHA512
dc3fadc41da0d6512ea4cf05466bf94d7a3ccfdab75e125c6e626dd5092c9f305856b0a2af9e26c660299f2ea7a973eb85b55a7c94456d5fdb13bc0d6b5d3095
-
SSDEEP
1536:nNm4uzl9+MWLxVKdKuBtweUFCWWyQrPFW2iwTbW:nNm4uzl6tsdKuByVXMFW2VTbW
Static task
static1
Behavioral task
behavioral1
Sample
e023659864f73dfc6f77738d0bc3a1c4d1be088522126412c56202fde5d2f274.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e023659864f73dfc6f77738d0bc3a1c4d1be088522126412c56202fde5d2f274.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
e023659864f73dfc6f77738d0bc3a1c4d1be088522126412c56202fde5d2f274
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-