Extracted

• • Target

    28ced657f29ce5cd5483fb5f522875932520e273119f9f7db3303519eb57d2d3N.exe

  • Size

    85KB

  • MD5

    18465a856ddfa0ed05fb6038a46e0bb0

  • SHA1

    602cb4320acab3f41d2252b1a5f59c5515b70575

  • SHA256

    28ced657f29ce5cd5483fb5f522875932520e273119f9f7db3303519eb57d2d3

  • SHA512

    70501337bbdefc04e6808686e3e7c3065b0c7704907789cf97ac87e95b3d05f659d26d41c672cae7b8f4ebce9d532ab675c4252cc36795c259c038fb4c6298bd

  • SSDEEP

    1536:h4F90kvIm5KrK+mj1xNXn2SlQF+tkH4AlO7uXcNvvm5yw/Lb0OUrrQ35wNBD:g0Tm5KrK+mj1n24lSH4j7usluTXp6D

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2