Extracted

• • Target

    d26fd8f482f14e78f17cbe8793d8e17660946451f183dedc487248a4d3f96779N.exe

  • Size

    226KB

  • MD5

    9bf1332d6a4d9f73bee36f268d7f4340

  • SHA1

    3f53c4a17c158f760e3034b828aeb82948bbb4ff

  • SHA256

    d26fd8f482f14e78f17cbe8793d8e17660946451f183dedc487248a4d3f96779

  • SHA512

    a48e2e13a033f30f14752b972dcacd21b06c2caa37ded09cbaf0c6bdfcefef7e1c4385f60bd254bbac4a61de1088d41b43e34accc64a8aeac97a54c6e787f7d7

  • SSDEEP

    3072:ksYvg3Vim1Qrs0gv4ums0DKcWmjRvDKcpDKcWmjRrzNtQtjDKcWmjRrzNtb:7YOjWEVxEtQtsEtb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2