Extracted

• • Target

    26abe0c25cf4bf3c4968f4d7d76eaca201c2264723ef69c2441be39a96c42fbbN.exe

  • Size

    45KB

  • MD5

    f2b76d41eeb974ec5af33b4873b98000

  • SHA1

    927f7b29d0bb45acc58aa5f8df61a86a0b669ed9

  • SHA256

    26abe0c25cf4bf3c4968f4d7d76eaca201c2264723ef69c2441be39a96c42fbb

  • SHA512

    3023d7bcdfb89830eba0dea3a2116bb5fcf6262c2fcda3fbe90af3eb43f4a2a0c72bd01a2e2dbd9ad5d47489bd6fc6b7e1d7fb311b5048ebb519f268ac27eba7

  • SSDEEP

    768:nFin2ubm2aB/YoSuJ+G93OzgIK7EycaP391h8aVPQ/1H5Now:w2GCv1OzgIq3oVx

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2