Extracted

• • Target

    6e957a32f8a6210b5079a9cf8c9600efab3cb98cb540dbc37996493392d898ecN.exe

  • Size

    84KB

  • MD5

    b54ec425c2be1bcf890996a4a9e15690

  • SHA1

    1b92d3d01915c1d68de40c0e620127131c5e23aa

  • SHA256

    6e957a32f8a6210b5079a9cf8c9600efab3cb98cb540dbc37996493392d898ec

  • SHA512

    109bbb99ddb57995902825dcba084aafde74b3fdd6530c4087b299e918a30395b6a0ee7d4860ff29d3841cb5aff439f49ceea0f4fd7259269e07ba5213f448ac

  • SSDEEP

    1536:4laL3pqVBwMaSGfWjgSfHtTq2b42CqHZYXXms8ANZLvfPDyH6n8dEelLYR7xeGS0:RdqVBwMaSGfWjgSfHg2xYXXmo3PDyH6L

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2