Extracted

• • Target

    15df1056d295424525fcecd88d7d67acddc4782a13a48a2fb00ac2a79eec910eN.exe

  • Size

    55KB

  • MD5

    7911646722969e781a671a33f9630780

  • SHA1

    14f3cedb29e6441653819e105b204962cf2f8605

  • SHA256

    15df1056d295424525fcecd88d7d67acddc4782a13a48a2fb00ac2a79eec910e

  • SHA512

    dfbf8f6f509de9c20e33fc4d5c58d9b2822640634e6f7f7c26464c120be9b64ace391a5973e0b8440e07a5f790806808e0cb71d49dc1002aadad9033952fb5f7

  • SSDEEP

    1536:GJfRnMu8HNY15aMrLrBHUO5y8INSoNSd0A3shxD6a:0fEILrBZ5y8INXNW0A8hh1

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2