Extracted

• • Target

    3c8412a2a051f695c3db5d9cf69bb7d1f8a23daa408a995cb9cacd642f73c86cN.exe

  • Size

    219KB

  • MD5

    51b0d961ace00c04608971a2e18130d0

  • SHA1

    e43610fd0ad156eb81fde8095b1d43e367d1d5fc

  • SHA256

    3c8412a2a051f695c3db5d9cf69bb7d1f8a23daa408a995cb9cacd642f73c86c

  • SHA512

    6dcf104c22d01535496e027ae0f0be75cb9ee4ca51c1da31d4c2b66bf38f27cc2995653b442076a4aca912d07bfe6431ff1df11e81384c2e50512e5f8fc5f2d7

  • SSDEEP

    3072:feYTr35NxWu8aVPzwuZkO0aDb/IBPCOQvU6z314EXrjvwSfYrwBt:ln5NxX8alzDOO0aDD4PCxdXXwSfYrwB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2