Extracted

• • Target

    27d2079fc3689b600135f63e545e895a2b5e52746199e7fb0e3cfeaca619ae00N.exe

  • Size

    346KB

  • MD5

    a6e89e3030f584ecef06d361112dacc0

  • SHA1

    83181d294086503bf4c05b649804b00210700bcf

  • SHA256

    27d2079fc3689b600135f63e545e895a2b5e52746199e7fb0e3cfeaca619ae00

  • SHA512

    5e871d9ade8a54287619fe5d9242ab10f6b9b00026b8f62d0c299b74db913aa1ad630560ceb59253b838159c11ac7590a69424804e6ba920fcdc0a4361f91660

  • SSDEEP

    3072:HqTGOV8RjzuwER6XmPgU5QdDrFDHZtObmOm3AIpwbjshrmP24ho1mtye3lFDrFDt:HnOVvEQho5t13LJhrmMsFj5tzOvfFOM6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2