Extracted

• • Target

    f645dbed0741934e1446ba19295101e8a5c5c89f60a47257c2f535bad2785425N.exe

  • Size

    91KB

  • MD5

    c221f6acddae5664b3060cf982e9e280

  • SHA1

    1f6e6683fdbbab912b8666d220405bcd093e0f3e

  • SHA256

    f645dbed0741934e1446ba19295101e8a5c5c89f60a47257c2f535bad2785425

  • SHA512

    de8c69951e6c1e238369b5a9233ec3ecca939bfd17d6d183f4b047bf4b5b7c0fa42c4732192568b7c0972f1d989026bfb5265c788e251f5d67ca270fdd805d4a

  • SSDEEP

    1536:X6RPdi/Tvz0PJdtD3YriC3FSr7TiwkU6joqqIVLgq:sPQf0PbtjqvFSr7TSUurUq

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2