Extracted

• • Target

    087f3419b3d1aa450c16ddfe1ebadc796d4a5857d3a22daf32a04956ad0d567dN.exe

  • Size

    42KB

  • MD5

    ea99a5abe1cf3f782889603f422742d0

  • SHA1

    20c5493bbd31461dbc352c56cae57e9120caf81f

  • SHA256

    087f3419b3d1aa450c16ddfe1ebadc796d4a5857d3a22daf32a04956ad0d567d

  • SHA512

    d644db092b192ab02c8e7f808a5f0ba5c27472b7632ddbf79fae06cbf4d3cc2a992b61dfd2301d43917c2e7d10ccb2d60f3befd4cbbcb084fbda3ba26ed268c5

  • SSDEEP

    768:9+ByhHsLFkFumpd1La7pRfBKZIjVODChFq5YqmA/1H570:9jHmFkFlpdxajTODChFq5oGm

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2