Extracted

• • Target

    e6b31a055bf2826db64fc344981ce59cc146fc2a79195ee8f527cd5026542bf9N.exe

  • Size

    64KB

  • MD5

    a2f190fdbb2b27eb0aeaf46cb9277610

  • SHA1

    1e171f248b8d9c4929c85506d41c8b6ab2bd7cdd

  • SHA256

    e6b31a055bf2826db64fc344981ce59cc146fc2a79195ee8f527cd5026542bf9

  • SHA512

    bc9402d170a92abb4fe67cd9ac6d1a9e0359764c36c442edb5ca78857eb3490e35ad224e614701b83534a5ac86c513e520667e954ffc949a94369deefbe788ed

  • SSDEEP

    768:XY/EOVFG+FR4uEMZKYuMLTXXXXXXXXXXXXXXFXXXXXXV/XXXXXXqSQsd2xs9P/1P:IMOrhEMbmQ2K9haXUwXfzwV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2