Extracted

• • Target

    57ee8613e0be95174abe8dbf624dc4f8ed2d67a6c6c01ae37064186f97358825N.exe

  • Size

    409KB

  • MD5

    bd98514383a2f9c2c73f740c966bcd70

  • SHA1

    539f0f4c96c5522b387fe6df4bfcb2ee64d34da7

  • SHA256

    57ee8613e0be95174abe8dbf624dc4f8ed2d67a6c6c01ae37064186f97358825

  • SHA512

    dce44ae428c692c08ae3d69eed934a382c34b06871446262f9cfd556277d43c8df2dbf9de73d888ca97c7c29fdd348e72b7d163b3a186f2bcbf9d38d8e00b0f3

  • SSDEEP

    6144:/rqg/L9gqnnnnrGZ0WdRcm4FmowdHoSuNZgZ0Wd/OWdPS2LStOshOWdPS2Lt:TR/L+T14wFHoS/F5fC55

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2