Extracted

• • Target

    8614ffecfaaac2f37ad1a643010d92722899de34ce497a08e275c652e222c9ebN.exe

  • Size

    85KB

  • MD5

    e317114e1aa75bddd80cf5a3339f3fd0

  • SHA1

    a817ace3aa1c0e55e02040624afdd9f19c0b69cf

  • SHA256

    8614ffecfaaac2f37ad1a643010d92722899de34ce497a08e275c652e222c9eb

  • SHA512

    7c5ba9d94faff3447a2ea4233861f41e9f504be6833aaa30162d59207b180c9787b2e77e5a379a4093f55cadb14058ed659352910da5b2a747a56b8c78f40191

  • SSDEEP

    1536:SjPZXML5jL30O0zPK5e36f7Gg/AqlO7uXcNvvm5yw/Lb0OUrrQ35wNBx:wu5jL30O0zPStG+47usluTXp6x

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2