Extracted

• • Target

    2b0a6e110c8ff5fe22e67d6b7be65e7c4335a5596085de84affade44b3811a97N.exe

  • Size

    97KB

  • MD5

    4aa48023127ae7bf011f2c7458cd6650

  • SHA1

    ea2745289afdf6e7a84c58bfe1dcc20d6f05124a

  • SHA256

    2b0a6e110c8ff5fe22e67d6b7be65e7c4335a5596085de84affade44b3811a97

  • SHA512

    cc42be9b760ab618b9f3a9c82d9cdadf8176fe2f7b4d24e2707e585b9b982ec413f023e88c65c0d2f1e52d52c55a824ae317c3f5a9ef31caac98ca4d0f19a95d

  • SSDEEP

    1536:u0uZh43IkloZpFYQVhY9AD0sHAQPXUwXfzwE57pvJXeYZc:NuZ+3pRQnLD0sH7LPzwm7pJXeKc

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2