Extracted

• • Target

    f916cb2790fc58742d76213bfd9f175506be1e2f2f0234582c67858f0edbd237N.exe

  • Size

    91KB

  • MD5

    ead871a4b0d022146df8337e9b5bba90

  • SHA1

    f2e0807c244d7840f06351694961ba82651a0a6d

  • SHA256

    f916cb2790fc58742d76213bfd9f175506be1e2f2f0234582c67858f0edbd237

  • SHA512

    1cf825c84baebdb9497049ed5c5cee78fe150e8bd2e98b88e7215622f0d41a4efd39a95521ad17ddac63ec0d77f4b23bb929104c0c930a6a5e00f17cecb47169

  • SSDEEP

    1536:cxkDBwE7v/F5nCppMppppppppppppppqppppppp3pppppDQTE24C3SlLBsLnVLdq:/rv/F5nSDC3SlLBsLnVUUHyNwtN4/nEi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2