Extracted

• • Target

    ad6e47949a38afe8323d5c8a11cb5ba0f891de7f2e5bc991456f1245ab0f02c0N.exe

  • Size

    415KB

  • MD5

    7abb153416da0759bb24084ac628d510

  • SHA1

    f98759424cc5b9644203cafd3ab58ea560c53cfe

  • SHA256

    ad6e47949a38afe8323d5c8a11cb5ba0f891de7f2e5bc991456f1245ab0f02c0

  • SHA512

    0e5c1cba0f4518c84f0cda5a042ebf63b6d16a9f8e48409e9bcd28ad912aee9073265b0cf80403c362a458c33a56e1fe8a29af34322e12713583dad135bdd5da

  • SSDEEP

    12288:fFKxCo0oWj7NtInBBBBBBBBBBBBBBBBBBBBBBBBB0kfBBBBBBBBBBBBBBBBBBBBD:tKWklp

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2