Extracted

• • Target

    cd29b480dfc129dfd16f66e74be306f537aa442ad2a05ef0684f9c4f2977b17fN.exe

  • Size

    64KB

  • MD5

    ae9f993f3ff80b19d943c7db0a843bb0

  • SHA1

    39ef19f5e759d13273a3cf15e16d0733f4401c7e

  • SHA256

    cd29b480dfc129dfd16f66e74be306f537aa442ad2a05ef0684f9c4f2977b17f

  • SHA512

    a6b7558034ae9b913a9c6dabf873b12d26de07118430770c010d5675cca2d49b8fc2e40b6a5f30af590427dbc926d93f6b99ef131bccc3dd00813745404a955e

  • SSDEEP

    1536:toTcddvH49Ok6EPeM/nOhPCIvya0XUwXfzwv:QAR06EPeMni6IKPPzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2