Extracted

• • Target

    3d66b3778c1f378d034b16f69121221bf3fa1f56d27cf5a5da808dce6ea9f002N.exe

  • Size

    194KB

  • MD5

    b582af128b4b36525c075cb763d5ca40

  • SHA1

    efcfc86ba93fe8a13da689f08b56b3ac22023be9

  • SHA256

    3d66b3778c1f378d034b16f69121221bf3fa1f56d27cf5a5da808dce6ea9f002

  • SHA512

    b24e08faaa36a488dda3710cb3d03d76781e5c04d999e6ce3074a39c8b02e43a3c36befade6eb39daeb35ba08f35540388cd6bfe9534536df1a5d9e490f184b2

  • SSDEEP

    1536:8fDGJUmuxfkwEGsA1AUsLSH+mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm+mmDmmo:Ymuawfsq5mn8mMIM/kEmMIGumMIc/1GV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2