Extracted

• • Target

    b3851652ab3f3ee8b54c12b960402e76054ce3d2275604ecee0b0d336795e306N.exe

  • Size

    422KB

  • MD5

    6bf81f37685b2c0d1c439c6fe0b0a980

  • SHA1

    9d940319e46c327fcbcea694b19119f112f7b099

  • SHA256

    b3851652ab3f3ee8b54c12b960402e76054ce3d2275604ecee0b0d336795e306

  • SHA512

    7115395c8ba3ff013e408e7e3c993ad2ac07118c5cdccd40affcc704a477733b703a4897843990fa88a77737f4929b8913f0103472098065752d19547e6e99ee

  • SSDEEP

    6144:lAyp/bWU5xGEbabO6FSPnvZU1AF+6FSPnvZhDYsKKo6FSPnvZU1AF+6FSPnvZq:ltRxhGaXgA4XfczXgA4XA

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2