Extracted

• • Target

    9b9324169784eda723200301312043ead96a00f4d475ba9ce9ff10f2df35d7c8N.exe

  • Size

    128KB

  • MD5

    1a94e6d36fa6386e871e30d5a66463f0

  • SHA1

    2f024dde220b8c6181cc484f75f8f6c001dd08c5

  • SHA256

    9b9324169784eda723200301312043ead96a00f4d475ba9ce9ff10f2df35d7c8

  • SHA512

    39014d3443102f14abe5448273f4155f4303ce5a46ab8df393687f2b6f7e7d71e30e3f64f04a88d6e5f1fcec1724fcf137d8a1c0b01e411b1a4851fa1fc8dd26

  • SSDEEP

    3072:SNzsIH5dqM64oPUjtRKG7UDd0pCrQIFdFtLQ:IHLtkG7Ux0ocIPF9Q

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2