Extracted

• • Target

    28471036171165e9f654d46639f75ae969f0caade9b7d71f2b94129c1229d835N.exe

  • Size

    142KB

  • MD5

    144004f60e0953ac602df01417017ec0

  • SHA1

    71ecbda38ac7608638cac37492d85ac4902710b3

  • SHA256

    28471036171165e9f654d46639f75ae969f0caade9b7d71f2b94129c1229d835

  • SHA512

    1973d8b234b1f1d7ca7e8cb04e3c795ccf90bc5e944e79c71d3844b86cfcab5191c81712da861cdf92950b36c44ddb6b758ea5ce59960cfcb47c6572ea00f0c9

  • SSDEEP

    3072:H3ry6yc2mgV9oleLTkDjY5L3a3jg0DihKjgUDLjBQ7/OuOXNxrXTkDjY5U:H326pD0LTGjYF3azNPXPXTGjYe

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2