Extracted

• • Target

    b6aae8a564df98795781e98c7741666174cbfa8a70ad97ad0ba8c2aa73bfeff5N.exe

  • Size

    42KB

  • MD5

    e05bee4e83724b71f6e4c3b29852e760

  • SHA1

    d2cd95209a664dfc1c2e3c9034b07f2c225a0890

  • SHA256

    b6aae8a564df98795781e98c7741666174cbfa8a70ad97ad0ba8c2aa73bfeff5

  • SHA512

    8653a9daf6f43e24476d8fac4b911b7f61ce3a9aba7e85309d4523526351954b370cc5ab0e2e00f03870c70ed598f6ba6fab316e3f23680542110b2528836936

  • SSDEEP

    768:DQkssjNF+s5aWT0SUPQJC6pE6nAk9RI7ZDqlXji0nxCLNA5JULRKfhT/1H5Z:DJ1hM2aW4SuQzLEDuW0xINYSRoFf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2