Extracted

• • Target

    b8c69209247356bbc69906d2f530adf7edffc8a28b4baaef74a127981e37f2e8N.exe

  • Size

    320KB

  • MD5

    bd5df815b5a2c6f9167f1711c26be830

  • SHA1

    c400b3027995ef56b3f2d8b3b833c58511d4d958

  • SHA256

    b8c69209247356bbc69906d2f530adf7edffc8a28b4baaef74a127981e37f2e8

  • SHA512

    a04bb78a3c7dd428d5ead7b76aa60633dcdc697e50e410fe778634fabba3917b45591e27681d05e529de6b20db2fc5c67413c0cdf7edacafbcd368f0dccacad8

  • SSDEEP

    3072:o5lzxG9AT4lVy8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqN:yfx4lPZgZ0Wd/OWdPS2L8

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2