Extracted

• • Target

    faa392db12589773c0a5105d468c9ac2b580346f0c84e1e39212d13061c63717N.exe

  • Size

    92KB

  • MD5

    ba14ba071989a4ecf70f5a7d40ee1cd0

  • SHA1

    8467e0cd53b1ee538377ed9eee36fa588a10e758

  • SHA256

    faa392db12589773c0a5105d468c9ac2b580346f0c84e1e39212d13061c63717

  • SHA512

    459470b158be0af97c78fc730dd5716b6da07904f3a1bcb76be72a6644346bf71626e77f8826ba655e34f36a91b43df7b9f633330776096763abf2e277c7b1fc

  • SSDEEP

    1536:Mt5mnPawCvqzC+sLI1wbjTA2dG+eo1xC0GZFXUmSC2e3lq:Mbw8vqSI1wXk24ho1mtye3lq

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2