Extracted

• • Target

    4c09042cb30a490f9279b572fcf1883a1c1cc8c18c488a871ac5609d191c9020N.exe

  • Size

    395KB

  • MD5

    cfa4816f1c7818eb46b64714e14feda0

  • SHA1

    f9610cff03b9e76072c77eb1b40c43a051cf3c02

  • SHA256

    4c09042cb30a490f9279b572fcf1883a1c1cc8c18c488a871ac5609d191c9020

  • SHA512

    be4d6f7c1de4697a74c7eae4c5de40832185005d7c70f7a0ab15e31de5909dc928ea4ffac1f99c3db36d5b44d5ed58fe3de5449dbfb426c7ba8579f342d996b1

  • SSDEEP

    6144:0hA1Lj2e8Ws4y70u4HXs4yr0u490u4Ds4yvW8l0:xZjfe4O0dHc4i0d90dA4F

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2