Extracted

• • Target

    c76865ee0fac0d6149a5ab5a9f9c95b18b8755719bff4424e1743eeac0d54719N.exe

  • Size

    64KB

  • MD5

    517bfb105e503a402003a39cfb8255c0

  • SHA1

    f857fd533b0c2eaccafaa0be6f82599ac18a5d69

  • SHA256

    c76865ee0fac0d6149a5ab5a9f9c95b18b8755719bff4424e1743eeac0d54719

  • SHA512

    87db1af5d557f8eca09b7fc2a27e4019d61045529241135e837e1ae3ae9360081e9d7c517e7d69e398a2f0915b0958455a5d92a034b1cecbbf86cf0f54f804fa

  • SSDEEP

    1536:KxoFHfjy9SJV0FlL4wJ9eEW2alLBsLnVLdGUHyNw2:wEe9S8NqEalLBsLnVUUHyNw2

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2