Extracted

• • Target

    20db591dc1503090e97a8434cf0132811969b633b1c89746607c14e532798390N.exe

  • Size

    97KB

  • MD5

    9d25474f5f7d7c57784cbd22e749b970

  • SHA1

    e11dafced56a94ec5210375979a36e4d61752ee6

  • SHA256

    20db591dc1503090e97a8434cf0132811969b633b1c89746607c14e532798390

  • SHA512

    cd3a73ce8ee5bec97122a720b905a0ab66988a41a8a6b4e25ce44267ff16f6379363b504e8474acdddc189e5f25a145954c18620ac7c7e3a37328d189c9e4e7a

  • SSDEEP

    1536:3c30ExBEg2QF9Sd/D58rQ/04lMTgfPQzXUwXfzwE57pvJXeYZQ:3wBEg/FG/D588/0KMkfY3Pzwm7pJXeKQ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2