Extracted

• • Target

    006e5cc4f12fc8d743cea7b2ac745412132b7e875f1d7397b60b257124c97a6dN.exe

  • Size

    91KB

  • MD5

    9ef5c2b46b0300ba03796851ffcd2470

  • SHA1

    f35b6a742aa2167e7cbc250fbb89cbafe77acfab

  • SHA256

    006e5cc4f12fc8d743cea7b2ac745412132b7e875f1d7397b60b257124c97a6d

  • SHA512

    c93436055aaf34e1b31e1cd6f767f9f7543a41b917a6892d50e3202f26d2011492ae9462d34e8b283d2ced20e6c4f1b5434b82be29bd1f4fab5cb2d030e6fc76

  • SSDEEP

    1536:AQHD198FXCqefvPD3WfthlLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaadhXd45Ja:zKXCqefvb3WfthlLBsLnVUUHyNwtN4/H

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2