Extracted

• • Target

    ae51393f1b76d9909bf15b3c2fb1fd649644325ec18170ff3fbe08005f337e94N.exe

  • Size

    301KB

  • MD5

    e8066333ca446752aab215c230153da0

  • SHA1

    fb61006f39992a957084e9358eb51c5304309d9b

  • SHA256

    ae51393f1b76d9909bf15b3c2fb1fd649644325ec18170ff3fbe08005f337e94

  • SHA512

    3a230020e1ae31761250f802cfa0695068879cc42db2d497190cf1d2a18b15f150685337627ddc413535b25eb1a5c419b355cf8ea2d5bdf1d7cfdf84f91e5de3

  • SSDEEP

    6144:hnEOGLlmZfm+kte+MZmYm+DakBpvXBwNBezP:hGe+Y/+TezP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2