Extracted

• • Target

    1f2d08b5f5e7109be8be41e50a96d4cd20929df1a0f7a9c1018926d223a114b6N.exe

  • Size

    93KB

  • MD5

    a873256c688fdb8f641c4f79dfcad7c0

  • SHA1

    6f751d7b86b474409a9c59c7a66b601b7794e06e

  • SHA256

    1f2d08b5f5e7109be8be41e50a96d4cd20929df1a0f7a9c1018926d223a114b6

  • SHA512

    15f3e0a9910f36e3db9f24c9dc3f100962c9dec932f6544172c7405ee6d08de073837dd2ae7a418843bc0cf91adddf701b4553dcf06b8f8aa51f0a55b94bace9

  • SSDEEP

    1536:cRdR9n9ieRAfTI8E2BZml7ck8n3n7euB7lozbHfizDTyjiwg58:s9n9n+zfZW7ck837euxlQiHiY58

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2