Extracted

• • Target

    5df49555889f371cba7f068394c722d39f882858175814380953000308daf3d7N.exe

  • Size

    64KB

  • MD5

    4ec5bd11cf8eb4cfd79e7d7d54bf88e0

  • SHA1

    b5e43e11468e63504661f0c6e9561a422d42ff94

  • SHA256

    5df49555889f371cba7f068394c722d39f882858175814380953000308daf3d7

  • SHA512

    1c650d5963c5f1abcab6f87d50e23cf1b54bcf4755259147c7056687c3e29f484e1d6e20801cd6ef7bf14a5ed0c1b40ada620f9c5f4bd482a424d900e8aa09b5

  • SSDEEP

    768:SOIaNKHKL2fN76MqYndGkGzwv/5wKoovvy1+5WAYEWc5PZ2XhBTRCb/1H5Hu6XJ0:SOOl1DndGkGEn5WE6vE1UR69XUwXfzwl

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2