Extracted

• • Target

    74edc69cb89d51e1333f8a688beac002c1a88ffe493b23bb3502b0cf0f9dc1e8N.exe

  • Size

    64KB

  • MD5

    9c2ee935b4ff43cfc9bb8d03661c7f00

  • SHA1

    8ad5d8f47afd0bbc9991ca5d7d5a0e4ecb7593ca

  • SHA256

    74edc69cb89d51e1333f8a688beac002c1a88ffe493b23bb3502b0cf0f9dc1e8

  • SHA512

    693772a7e78c00d0da2db8404ad24446b9dc3d77f8ad0a78107450d673b95622b4e9b87b22be8406bc63f015e5ba0f4739ec45b5f9bae5fc237fc6b3586d9b3a

  • SSDEEP

    768:zfVdqJxCxsYR5MJhbTeKcrKno0wiGGelxmx3udROeC7/1H5Xf6XJ1IwEGp9ThfzO:bQxCxb5Ghlo0wWKsx30IBZCXUwXfzwV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2