Extracted

• • Target

    1eed28f8990c59971e3501229f7bebb5a5ec5c66aaab8ab8f1c2c77b1fd75445N.exe

  • Size

    101KB

  • MD5

    9e654ec2e15fe0536e0e267ea71a2fd0

  • SHA1

    90747836ffa6567c2e588625841adea0e105c522

  • SHA256

    1eed28f8990c59971e3501229f7bebb5a5ec5c66aaab8ab8f1c2c77b1fd75445

  • SHA512

    82266d4ba91b7c46fa1ddb8315dd958302d205c99095d552c5e6fd86d51a739a13aeb6dab764259d754503db1bdf00343ea5cd1c9026b99a56eae71d2a0c287c

  • SSDEEP

    1536:zm9H0bwpkGkFJ5Fg0WzXtuXqbyNXrg0sZS7qlDABU8B9HYcJvDX:zmQ5FgVduXqbyu0sY7q5AnrHY4vDX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2