Extracted

• • Target

    901cc103949f0f22aa11d08404c5de43789ffbf415ec024ba0d0b05c9008db96N.exe

  • Size

    194KB

  • MD5

    da22a2194718a2c2bd854e5b61aa5450

  • SHA1

    4de93f14303604d38499d56061de7165b244fb72

  • SHA256

    901cc103949f0f22aa11d08404c5de43789ffbf415ec024ba0d0b05c9008db96

  • SHA512

    e0de1395716768e9615991efda4fd17dad9c1869aff875411f10ab4cd53ae38dde39a2dba4e7bf0350db72eb914aef5b4d1b87850dda86882ac213859a75b2a1

  • SSDEEP

    1536:21NR1MbusUdeW07wVos7OkXxZOZatMIM/5/KEatMIGuatMIc/zT4a5G3:2L1IkOk7imMIM/kEmMIGumMIc/1G3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2