Extracted

• • Target

    ca5fad22011bfb5ec395df9f31b0d3f0f1b2b040b06e87764635b935cc3d9fb7N.exe

  • Size

    232KB

  • MD5

    fbbc6793a23d3c8cf6026ff0a7b689d0

  • SHA1

    73e38f18929c7c0193e08dedc04fbf6bfd5f814c

  • SHA256

    ca5fad22011bfb5ec395df9f31b0d3f0f1b2b040b06e87764635b935cc3d9fb7

  • SHA512

    b3a9163b516658fef8dd0210bd47eb36e01936fdaf95b9d56de52711a93619baec17d853125f0091bcf358a70dbd9011dd4331ca95a1caac751761e099f7d22b

  • SSDEEP

    3072:gy4qFkNT8Ewets7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121TzlbNRfz/:gy4mqT8Exts6s21L7/s50z/Wa3/PNlPX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2