Extracted

• • Target

    12000e1ff6f762ef7238e033bd86790af0704fb464e2e614f97134240f8fb020N.exe

  • Size

    163KB

  • MD5

    ce0efba793dab766dd952cee291c7a70

  • SHA1

    3e1d512be7476740af5996e007b6aaba84e115ed

  • SHA256

    12000e1ff6f762ef7238e033bd86790af0704fb464e2e614f97134240f8fb020

  • SHA512

    eae60f4e6bdcbe81d5b07d798ff9f7adcba22bad05cff1c91c87c41073140ae8d4684dee01d5799349af3b8a5039bc18055061814e70069279bec4dcdacb25e6

  • SSDEEP

    1536:5a+2oN5cF6zH9QvK6LSylQtfeX90AtGRhKW+jujAEjh8DTL9GIvg/SylQ7aHbKlF:5aboN5DOvXbYgnWAUjWDUIwLyc4F

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2