Extracted

• • Target

    e1ee430cb1725c3b64f1f6ae8b024ea55be3bb4347e8668c9628091a1ff19b74N.exe

  • Size

    64KB

  • MD5

    ef4482e8a685533bcd6d6aa8910d01f0

  • SHA1

    b4f4434f88383a983ff3720f2bcff94d5135aca6

  • SHA256

    e1ee430cb1725c3b64f1f6ae8b024ea55be3bb4347e8668c9628091a1ff19b74

  • SHA512

    2dd3475624ce79c5264afdf65d47d33d1fb4d353dbc58ed37da4d594dddf7d16d5543b1725f2e6d17216c6fc046e799d6546ad6200ab5e4988a6add12b0f720d

  • SSDEEP

    1536:DjbK11nSc09LTlhByust5Wkk8DjcXUwXfzwV:bK1Bj4LTlhBe5WR8DsPzwV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2