Extracted

• • Target

    9c41275e605eb6028b5949be6704d08ef20effa142d77bfad10459ae7f8a5f0eN.exe

  • Size

    55KB

  • MD5

    bd6cfe9318e7fc9319a0479954b4c270

  • SHA1

    c91d73a5a8688e9c3cac33dd8272ef3e3c36c5b7

  • SHA256

    9c41275e605eb6028b5949be6704d08ef20effa142d77bfad10459ae7f8a5f0e

  • SHA512

    1ccf96a58b4cbe60f24b62f8bcba28ab4464734cdc2eaba6e2f22ea18c8092e7377269ff5899cf647833c8f03b81ea9e926734ab6bf634e726cdb11458a3e393

  • SSDEEP

    1536:uXInsYfGyZzYY4qwaq3JqOnFNSoNSd0A3shxD6:0Q1ZzJKYOnFNXNW0A8hh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2