Extracted

• • Target

    37c63e4bff19942817177e2599a92622e341be1c79d8639f2e14885e7127dc25N.exe

  • Size

    85KB

  • MD5

    bedcd89dcdc44d610c4e4a9e81117510

  • SHA1

    08a704528200a1ec13806670e96c279ecf3dadbc

  • SHA256

    37c63e4bff19942817177e2599a92622e341be1c79d8639f2e14885e7127dc25

  • SHA512

    1056abad1863723aeafbfbea2772e1af0759fd5598113054611beeb3163293b1b16d5cefb1cc38ab2268a7a55748b5f67c07b0e410dddd91b39fe0083c1ec1c1

  • SSDEEP

    1536:trs290XAO0ra1A28OxCpKu43MRolO7uXcNvvm5yw/Lb0OUrrQ35wNBB:tYJXr0ra1A28XpCM57usluTXp6B

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2