Extracted

• • Target

    c96c2fa8a82e25ad217111e95c903615ae8325a2a9c4326edaeef2cb6fe6d739N.exe

  • Size

    85KB

  • MD5

    def3a92824f1fe8896cf0017431c1410

  • SHA1

    fb091ecaefe92aed0ed8c9214c169f38eaf85253

  • SHA256

    c96c2fa8a82e25ad217111e95c903615ae8325a2a9c4326edaeef2cb6fe6d739

  • SHA512

    c547e0a1d3e41524e8e5c3630de654bfee33284c008f66a78cbd81d5805fd19aff5f0851b438d9e346d6f2bfc23391289b0e7ce63f6662058db2e0d7f4d46adb

  • SSDEEP

    1536:9/6nZ6fMLsPI+kpzeb9qRNDrl54lO7uXcNvvm5yw/Lb0OUrrQ35wNB5:9/Yh2UNDrTb7usluTXp65

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2