Extracted

• • Target

    5bfddf2a93967139abec03670cdeb20b2e4a86ec410b8833ad17cde55a7b75b1N.exe

  • Size

    380KB

  • MD5

    10defe8da6a55460353776e683086850

  • SHA1

    5b362d138db6d90a7504271564afc037f40376b3

  • SHA256

    5bfddf2a93967139abec03670cdeb20b2e4a86ec410b8833ad17cde55a7b75b1

  • SHA512

    e39632eccbb1d4bd1547375ca4b6860333fc6dd78ed04949d955781e9b453c4d952c0a90a78c02848794c3b26c1ca60bd756b4d1db96378b599a46dd63c1a8eb

  • SSDEEP

    6144:4iQayCHW3VIRVOQCN9Otopg5tTDUZNSN58VU5tTvnVn5tTDUZNSN58Vh:4iQGHsUCOtoq5t6NSN6G5tbt5t6NSN6T

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2