Extracted

• • Target

    a2afd52fa77da5bd13aaf43c1da1ffb7c1242a65aecc5baef53afd9cf789500dN.exe

  • Size

    108KB

  • MD5

    98b4d87e14713d4cc8c5feb190b127c0

  • SHA1

    f1cd2da78d5984a4ae8755338f0df3c5e2483b55

  • SHA256

    a2afd52fa77da5bd13aaf43c1da1ffb7c1242a65aecc5baef53afd9cf789500d

  • SHA512

    df451230bace56a9fc4db9494aef177959ce2cddccc335b7db538774978f7b37d4fc9ae7f9d78f6d0d7d2f1f125aa79de4f304e54ded38dcfd3cea3472d9d0a5

  • SSDEEP

    3072:CMna3m9V5R41/EVzOvUjmOiBn3w8BdTj2h3K:C2a3yV41/EdOsjVu3w8BdTj2VK

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2