Extracted

• • Target

    959e98098ba705f3575c76555981482c8b13851b6e8975fa18e135d0176d8e64N.exe

  • Size

    64KB

  • MD5

    ed338d0e724dc63d217e6f3d77740160

  • SHA1

    e2bc544f723b5709267f0a02f81b506b055e2656

  • SHA256

    959e98098ba705f3575c76555981482c8b13851b6e8975fa18e135d0176d8e64

  • SHA512

    d219508bf845b2a37c54e90b504060534b7b2ee455a860926c1b46b9d1c61354bd37dfb4c5dc08195072f41d2f95354a73c11d2700d4687493c4fef9aeec2357

  • SSDEEP

    768:KEqTDYFxkRHog8GN75uO4Y9F7J2LcCHHbIPsciSP5c4/1H56A6XJ1IwEGp9Thfzu:CYOHF5uOr7JCsH/CXUwXfzwl

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2