Extracted

• • Target

    0a57176330dcf6db0a8778209f84f1feaf80f3a2a6d7715cb778aa3785d5c22eN.exe

  • Size

    415KB

  • MD5

    6536d3103545e52646a2a61487ae7e90

  • SHA1

    4127d34fd9f62f623e891fdec38862737f476951

  • SHA256

    0a57176330dcf6db0a8778209f84f1feaf80f3a2a6d7715cb778aa3785d5c22e

  • SHA512

    6ceda0f6a4795f77bbd27746364f5d143054a866e338d728b6c906be0e8ff8dae65027e971dce9bf6c0418dec222a216f1ca517aa5a752017302bf284703671d

  • SSDEEP

    12288:6OoZxcL7XYYfioWj7NtInBBBBBBBBBBBBBBBBBBBBBBBBB0kfBBBBBBBBBBBBBBf:pfiklp

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2