Extracted

• • Target

    d8e9afeee38670b7d5797342affb74814700bec92ea144a7965971a1edadbf9fN.exe

  • Size

    128KB

  • MD5

    b90c9cdfa42082947bf6417a1ec54a90

  • SHA1

    018c4ec22ef9f10ad78acf395122027269487718

  • SHA256

    d8e9afeee38670b7d5797342affb74814700bec92ea144a7965971a1edadbf9f

  • SHA512

    5290a95e4d3b01f02b1851487e4dd53fb739f95ac65820cbd922f8d3abaee9e0b04a805d8210410929c537975e1715896e468510383ef69690aa8c206508496f

  • SSDEEP

    3072:ufSQrtB6F3kBn6Tym/PwidSX3ReDrFDHZtOgxBOXXH:uqQrSmF6HP7dSX3RO5tTDUX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2