Extracted

• • Target

    ec488520eafe895bcb0b26aa130e0f8b2e7398b1d03a62d75adac5cf5b9576e5N.exe

  • Size

    97KB

  • MD5

    b955272ee03c762e776d22f566038b80

  • SHA1

    79a8a4f5c7c930f8f2d55130e3af5419c67608be

  • SHA256

    ec488520eafe895bcb0b26aa130e0f8b2e7398b1d03a62d75adac5cf5b9576e5

  • SHA512

    6f9c16453a73e7a32724970c6380ec7baf41256824ede2e5ed004197108e3bfbf1255ee67cfe29f7ac3f677bb3d4b4bd43dc4c7e78369a3cb2f022a3e06afa2f

  • SSDEEP

    1536:E8sP40IWiwL5PEpP377kj6zzBXUwXfzwE57pvJXeYZe:En2b377dzBPzwm7pJXeKe

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2