Extracted

• • Target

    e5628fc94e11d390c4edeaded284def9192046feca1d7c588ed32f787247233dN.exe

  • Size

    226KB

  • MD5

    ba752fedf3056d84e9b1af9f4ea5cf40

  • SHA1

    94d6cd5450ea8e649604d5bf2ca754d143296096

  • SHA256

    e5628fc94e11d390c4edeaded284def9192046feca1d7c588ed32f787247233d

  • SHA512

    94f0ee42258b10270d011e12baa2cc350af6b8a9c8ec3340840cbdecc5890795049cdd5a2d56738a33676b7fe36ba4e01410924a3da6894bdbf46149ecbaf82d

  • SSDEEP

    3072:gQS7fasDq7QzqkIDKcWmjRvDKcpDKcWmjRrzNtQtjDKcWmjRrzNtb:E79QQvBxEtQtsEtb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2