Extracted

• • Target

    f73094819113158dec8da9b994a88c4e9978f3bb8eb78fb56083271e924bb3a4N.exe

  • Size

    63KB

  • MD5

    5eb89752df3e4ad8075e162665f683b0

  • SHA1

    0e0e553620f72c1fc32c33435fead2defc3dceac

  • SHA256

    f73094819113158dec8da9b994a88c4e9978f3bb8eb78fb56083271e924bb3a4

  • SHA512

    8afcbce785e7617de251a3abb0202ee6286c05c5cccc3b89305117ba8ce00632f4ace5381538f7ff9653cd2ee66165079d6fa72d0d40212009acba9c2cf0b720

  • SSDEEP

    768:Hta+Nl54s+oNvR3EnUlFlCwE6zV+ul9w9vhNuPI/1H5oVEwFmrUTvn93b7NRDMFp:Na+2oN5cF6zH9QvKm+VsEn9rjDHE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2