Extracted

• • Target

    9dd64c76971d70a9a85c7e661845735283e165992e38aea12e95d1556bd00035N.exe

  • Size

    352KB

  • MD5

    e4a61961db6f018abb85991637431fb0

  • SHA1

    11b26c94c0d747807809acc8f48d16518baa6395

  • SHA256

    9dd64c76971d70a9a85c7e661845735283e165992e38aea12e95d1556bd00035

  • SHA512

    d95470d702833f457a82b42284f4af01995714b1deceeaa45a0f917a734a7438ec95b2c80fa2fc0ed0d29f044929fa36650aefdf917f1d41cd463af4f0ea8f9b

  • SSDEEP

    3072:ZmSyqPrRAmYOJF4EISi/i4gG4nv4H3EzkGSaXiT+9S+a1+s3wNxP:hzPLN4yjwHL/T7GsyP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2