Extracted

• • Target

    4e1991b37ee6958085c6dc2a01487e987ba9432682f02234d3bdf70eb5ad9bc6N.exe

  • Size

    91KB

  • MD5

    5ebe6d48f07ac9b8f870f135dabcdc70

  • SHA1

    5dbbdcdc09f29b4169815b22c42a25d7b3c8eafc

  • SHA256

    4e1991b37ee6958085c6dc2a01487e987ba9432682f02234d3bdf70eb5ad9bc6

  • SHA512

    bd2398db5779726708685cd150f3d66b9fd0970d6cfad396a2c730887f4888c945fde565c07a4c3ddc83dab5639d26e332915b5bfb36b5ff158dbe26002dabff

  • SSDEEP

    1536:OfuEhdGBS7JoHNKbBdU8hp0hetSD9ZjVCiNXR00s5fZeZQLD0:guiwcbBdUC6hetSDLVCiVR0d5fZeZwD0

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2