Extracted

• • Target

    b7f670fc6ced42f1e98b159ae4f19cab23f9feb443cebe5ca8fae933ce0d5494N.exe

  • Size

    91KB

  • MD5

    79069c3fbe0d4ce86452b7694e32f360

  • SHA1

    31c02895263a25505d1818a950c751ac05d5a283

  • SHA256

    b7f670fc6ced42f1e98b159ae4f19cab23f9feb443cebe5ca8fae933ce0d5494

  • SHA512

    2afeef41b854066e05b52a77ebc341eb88f109a74bb14d25b5785c170bc46b0d682df71de3398c9f363665629c6f34ff5fe25dcf9d3a233f1832213885117808

  • SSDEEP

    1536:oo4JYgY7Nj5DRcybH4KZF8QMQIi/95yEhrq5lLBsLnVLdGUHyNwtN4/nLLVaBlE2:ol6rl5yWW5lLBsLnVUUHyNwtN4/nEBlX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2