Extracted

• • Target

    6665a9d2c5067f3d32e4658f4e143053038c88149fd16eb950b106ef4115acfbN.exe

  • Size

    344KB

  • MD5

    ad32eb9a39a9a85b58d8ab046a004710

  • SHA1

    6e1e2fb3d203dfcceb44dd5150340c61f924889a

  • SHA256

    6665a9d2c5067f3d32e4658f4e143053038c88149fd16eb950b106ef4115acfb

  • SHA512

    f4644e2bd4ab32dae987ce9c5e2e3280c456afbe9c75754dca58cd84daa00bd29ed50238ddb9ef667b28224eed1ececf3270380443087a6e72c1073d8df309b5

  • SSDEEP

    6144:tXMOPcQCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:NMICpXImbzQD6OkPgl6bmIjKn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2