Extracted

• • Target

    e3f261500ecae3d8d40e329f2e261d5a31fb1a705326b1369b20bc3c36ee7c29N.exe

  • Size

    64KB

  • MD5

    630a5a3fbc7e100353b57bede9cb2bc0

  • SHA1

    8c43bf2931913bdcb4430231676e7595e78e75b9

  • SHA256

    e3f261500ecae3d8d40e329f2e261d5a31fb1a705326b1369b20bc3c36ee7c29

  • SHA512

    30d3c6e88e7da5becc2222f37292fb1bbc914f37b9fc14025535681b140f2c64d7be564f2f1d1a630189e8f4d7c288311bbdc2828ffe4f96c07bc367a8b44fd1

  • SSDEEP

    1536:9a2k1rCYkoxCKofuglLBsLnVLdGUHyNw2:bSrCkxCBfuglLBsLnVUUHyNw2

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2