Extracted

• • Target

    79bf1001d583826cb6ae371d70d18cdcf911256ad83553a8d5ebb6ecd725d3f9N.exe

  • Size

    97KB

  • MD5

    cc2e876f06861734e7ed7b3387230580

  • SHA1

    a903abe47b9e6bb536da1882ea964d399f2e792c

  • SHA256

    79bf1001d583826cb6ae371d70d18cdcf911256ad83553a8d5ebb6ecd725d3f9

  • SHA512

    ad296c08c9552e7e3de7717f20f1ecf8d498884cacf34f16a3baad48df3000934bd976f65bdbd7e68382a54b0d675abb7771bcc5f71a88659bd5f2cc19c640c7

  • SSDEEP

    1536:mdDlRemSbkjTLTFa/ugWaBEXYm//XUwXfzwE57pvJXeYZ6:wRtSQvL5a/WzXP/bPzwm7pJXeK6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2