Extracted

• • Target

    6b8c0c47b64294bb76d8e55d4b80604c08c97f298133742c6be8db04bff16e26N.exe

  • Size

    64KB

  • MD5

    a0d935deba42a64e4ba5b97db1dae090

  • SHA1

    a6eb0730b501c60caf063dc9655e493d2f3fa322

  • SHA256

    6b8c0c47b64294bb76d8e55d4b80604c08c97f298133742c6be8db04bff16e26

  • SHA512

    0c09e2ed8d5dcceceffb98e92f297951f1702290db624a91e25a85f342c5f008c55fce482a235fc4fcd2e1246bbe339a839d3d70ae36119b6ac3389e2510a4db

  • SSDEEP

    1536:X/2ef5Tu1noa+OSSJMJ11Pg5aqFgDSXUwXfzwv:Vxud0SJTMNWPzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2