Extracted

• • Target

    fc252745155a9873aba052802aa2e230dc4bb2a38fa89eea4736f3d544f0cd25N.exe

  • Size

    224KB

  • MD5

    c41ee0505209e73e80242bf154bc6ca0

  • SHA1

    cb2b80a24691cde6bc99fefd2b261871fba1021f

  • SHA256

    fc252745155a9873aba052802aa2e230dc4bb2a38fa89eea4736f3d544f0cd25

  • SHA512

    911cf4cd4afdf9865a4e4ae24afbbf2f041c1986c6b416630b30d44f0fd8993d4ad3b9e1d5d18b3dce53d48e9b42387a0b951b05a9aef76ed4b30cd76e0eafa5

  • SSDEEP

    3072:u9fxEbJkKbNDArWIuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgt:u1ObJ7bNDAy4s5tTDUZNSN58VU5tTtf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2