Extracted

• • Target

    7d85ae02cab3d56606ce2fdcddf804f9537e0361ab7bebc48120481c90312925N.exe

  • Size

    84KB

  • MD5

    5eb3e49e527ebc7175983e5ddb61e4f0

  • SHA1

    9c81a1ddbc24a3f92a7d78dad26d0848ad825194

  • SHA256

    7d85ae02cab3d56606ce2fdcddf804f9537e0361ab7bebc48120481c90312925

  • SHA512

    cb4c58b6d2736619fe9be8692566602af70dc3742385bfc312826f43de08e6b068b9a80453dc245d351d862e5bc30e31b0b6f385b8ecbc6458780a9c8ddc80ec

  • SSDEEP

    1536:xdRbtC+zTvNX05fGFJUcfctVySu8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmM:xff7x05fhftVy/3PDyH6n8djlLYR7xr/

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2