Extracted

• • Target

    326e6cf18174e755883cb47a7e90abc049ccd85c5462e26c39e05a48dc6d8dd2N.exe

  • Size

    64KB

  • MD5

    e01dd5c4935c9e0ee7e611db73bc7a40

  • SHA1

    a7013e1d483114ed71fb318a21cae6d1f825ba8e

  • SHA256

    326e6cf18174e755883cb47a7e90abc049ccd85c5462e26c39e05a48dc6d8dd2

  • SHA512

    7ffb1f6085fdce5f53629acfcfa8d187f8ef9d2a31a46d683f9ed39738cf7c641b0d4f873e5cb9a9abe4a17af2800df027754051b7058578839fe290a3c561fe

  • SSDEEP

    768:LjWKIklpJ7KL+P7fcZa2B45XH7BawXjmo0HM/wfTyohg/1H5Y6XJ1IwEGp9Thfz+:fek/okcVmGwXCoOvLThmPXUwXfzwd

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2