Extracted

• • Target

    58b65097f0c305258727d789b7afa802cbb54cd4f69788afc4ef53cff2c07009N.exe

  • Size

    91KB

  • MD5

    aa75f434be4c74d3cfa6efc28e96cef0

  • SHA1

    fb52019d5924a408a0ce2f4cb00a79fdd8f05a97

  • SHA256

    58b65097f0c305258727d789b7afa802cbb54cd4f69788afc4ef53cff2c07009

  • SHA512

    2c35740fd068e812e91fc4b89befd76a607425e88bdcfa828bccc824c8afe0d682cec18c96f89c10b55d37c8ea2350d61f0797bd34bcf4be50962fe2f9043e29

  • SSDEEP

    1536:WWvZ8rF+0az5IKskOVcJriC3FSr7TiwkU6joqqIVLgq:WWRyFW5mVc9vFSr7TSUurUq

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2