General
Target
a97bcd88922cdd038a2ad62104b8f51bc46b7763a47412856576b2200b5d662d.exe
Size
55KB
Sample
250127-sdkjjavkfr
MD5
d92cddbd70a9152730115df144d86acf
SHA1
68fcc8f58ae5a4c2e74c564d48861b9c8811c7dd
SHA256
a97bcd88922cdd038a2ad62104b8f51bc46b7763a47412856576b2200b5d662d
SHA512
cbfc838d63f974d85de25e4d0e16904a24cf575792bef0bb6f9ad502e3eb2125e8d908abd3c3d30c1c8b1b16e3c7b111cf0348d4a5b66559809c75a708d23a1e
SSDEEP
1536:l4iwxP1wbUdI3BZ6/P//zFc/ZJtxp8stNSoNSd0A3shxD6+:DwRyxAy/lxvtNXNW0A8hhx
Static task
static1
Behavioral task
behavioral1
Sample
a97bcd88922cdd038a2ad62104b8f51bc46b7763a47412856576b2200b5d662d.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a97bcd88922cdd038a2ad62104b8f51bc46b7763a47412856576b2200b5d662d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target
a97bcd88922cdd038a2ad62104b8f51bc46b7763a47412856576b2200b5d662d.exe
Score
10/10
Adds autorun key to be loaded by Explorer.exe on startup
Berbew family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory