Extracted

• • Target

    7f74e9e38cf523f11073fb06a0a88cdefa43c463105742a62a46981dc0200c3bN.exe

  • Size

    92KB

  • MD5

    e6ca9ce51b7c0fbf88cffe5ebd487470

  • SHA1

    691b5012f1b3aa58286ff9a9edd84f271df1d7f9

  • SHA256

    7f74e9e38cf523f11073fb06a0a88cdefa43c463105742a62a46981dc0200c3b

  • SHA512

    3786c59635e5ed640eb28e58b9b71911134110930dbfc7255681468f058ff00b14373878a6f71d8151f8ed130fc5cd0693080d152ae2adf7feda7a60de6af50e

  • SSDEEP

    1536:nrA1BN52gdBsbrZf3NfUijQC2dG+eo1xC0GZFXUmSC2e3lO:n052grW8ijQC24ho1mtye3lO

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2