Extracted

• • Target

    182076e1a0fa70f6ec6c89b9cfc3ddf5f0ed68bc72476399ed1637f0a626b56bN.exe

  • Size

    42KB

  • MD5

    d84456db68b5acaf7d034454c76d43e0

  • SHA1

    f28fb4fceb5d742a27882ee5de0eca3b9dcdcc66

  • SHA256

    182076e1a0fa70f6ec6c89b9cfc3ddf5f0ed68bc72476399ed1637f0a626b56b

  • SHA512

    941b82841d466e9e3eb38511b4e517bac086c681b731d5c34ab7e5f723bc7dbc5f72f21e4bfec4771c69eee363a1c6a6c7127d331c25670c41307be67441efd1

  • SSDEEP

    768:X6G/TA8DJanOtUTl+aqmckemOrHp9r04kW/1H5:XpTjDcnvcaqzmOjHY8

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2