Extracted

• • Target

    e25cc95c4a08e5633889511693031def40add2f6d730864a53044549a7eaf7abN.exe

  • Size

    84KB

  • MD5

    8aeffc411f72da9f2fede7b2f32f28d0

  • SHA1

    e0faf4e4df070d015bd495501fcb11fbdaa4d380

  • SHA256

    e25cc95c4a08e5633889511693031def40add2f6d730864a53044549a7eaf7ab

  • SHA512

    c4cf6aeb355d2569eaebf00e9f33f44a069cd017d88772802131fc0cc3f8b438ca4e1e85e1257c16c4b6d9d1a7325bb2d828f226d800801f313cad75d3a41331

  • SSDEEP

    1536:f8pG5cVHzgYnQp9/vxL5T8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmmmmmmmQ:Ep3HzgT9/t5z3PDyH6n8djlLYR7xr3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2