Extracted

• • Target

    8c2ca82a8ef81c306825c1630bf4d9c216df3e17925e31a2aa54fc50a551a60fN.exe

  • Size

    67KB

  • MD5

    fe9e3b5873550b19341c4ae1970597b0

  • SHA1

    2f08c488100e8daec05423d24a7301f623a3ee57

  • SHA256

    8c2ca82a8ef81c306825c1630bf4d9c216df3e17925e31a2aa54fc50a551a60f

  • SHA512

    3be100e008c736e3d177e7879f961ccfd277e61ceb9eb894cfd782d8c1aad4dc8f7a7da9ec12a3bcc4d4a742c0cbe5ec6ca2d3d56bc1c9e11cffb15873f3bfcf

  • SSDEEP

    1536:BPk0DRC+C9260iszlPTwNlyVAsJifTduD4oTxw:BPM46jWlPTwNlyVAsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2