Extracted

• • Target

    93c68bf04452308e57a0467da999910fcc7b243b2f70429793ed3a63d679d490N.exe

  • Size

    64KB

  • MD5

    5ab80ee9d111dff6cc7247c591dea1b0

  • SHA1

    8359c7fce8538f59e0744e680fe561dbb31fe211

  • SHA256

    93c68bf04452308e57a0467da999910fcc7b243b2f70429793ed3a63d679d490

  • SHA512

    cf3260b6f6593cbb35e38379d14464efd0ba50a6601b9d1e32e11083975ef0f6243905a6339212a3c35d33a6a593a96b1cf64143d7a5f703610f6d9afd3688e0

  • SSDEEP

    1536:6FXjVc6M7xd1E3fFah4sxLbwnYYYYYYYYYYYYYYAYYYYYYZjYYYYYYx88N3p:6FXjVFM1WFBsF8+p

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2