Extracted

• • Target

    4c5be05c0ede9dc0819f0878b2cb82134390a8894fc8c09348fc22c71d06af7fN.exe

  • Size

    380KB

  • MD5

    bb71959f028df022736f9499d14873d0

  • SHA1

    339142211eb4963d155952dcbbb3bccf6dc89bf7

  • SHA256

    4c5be05c0ede9dc0819f0878b2cb82134390a8894fc8c09348fc22c71d06af7f

  • SHA512

    56cac91b14d9f765930430c8d85a6ffb9f39524e61aa1033fc73ba852e607f926c4cf974e65f57bebfd5ddb94a74e79a316b48b82e38a69379f083f2f41e541d

  • SSDEEP

    6144:9Ln76XrKl8jOCN9Otopg5tTDUZNSN58VU5tTvnVn5tTDUZNSN58Vh:ZYrKl8vOtoq5t6NSN6G5tbt5t6NSN6T

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2