Extracted

• • Target

    584518b1663c5c93f1ffbb241f82ce6a341656b697513de71849743471187c22N.exe

  • Size

    64KB

  • MD5

    e5c333f1e9607ab988d8f86de3c84e70

  • SHA1

    42bdb73d4fee17b6a05b766c11e23f82e8154aff

  • SHA256

    584518b1663c5c93f1ffbb241f82ce6a341656b697513de71849743471187c22

  • SHA512

    e59b8d8ea71ebaa7a5ca6fa2f8f117225f512e5b94c8f5e571813b52495a02cd4996e9c25326051b2b1f9cc0b465ae5eb44db84ce07122358eb210808e7f714d

  • SSDEEP

    768:S7FZOIPJ+3CLf5Tu3JP5CN6DJNd9iaOMJKZ51FGE/1H5K6XJ1IwEGp9ThfzyYsHV:Sxf5cCoDJL9tOMJK3qaxXUwXfzwV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2