Extracted

• • Target

    aa0076bade03ee87dac8f8f8c607b1815d054370c4a21009ea50c91368a1dd70N.exe

  • Size

    151KB

  • MD5

    ca9de83a253ecf73c5ecdefe053d0b00

  • SHA1

    6ff014c7c9a3e92cf182d2750f208c27357f3964

  • SHA256

    aa0076bade03ee87dac8f8f8c607b1815d054370c4a21009ea50c91368a1dd70

  • SHA512

    5a1ce8e74008f6a64429da7eff43ba6e2b5877eee5413eca59c2aadd993c1c7eecbb1f38d3b03b392f16f47ab3931f8d3ee9a0ddef746a9e59f956e17b902c80

  • SSDEEP

    3072:+nybsQ6XJBbroTNYRDrFDHZtOga24ho1mtye3lVWxxm:+n6sQkTUNYn5tT3sFVWxs

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2