Extracted

• • Target

    4549f5932a8f39f28aaf565265a5dab2d92bb3426383b5ed176df95ebe9dc3a6N.exe

  • Size

    318KB

  • MD5

    5505a7dca527d0f584925eb8547f1830

  • SHA1

    75d76c7eef98eb37088d4f6494c0683cc67dda25

  • SHA256

    4549f5932a8f39f28aaf565265a5dab2d92bb3426383b5ed176df95ebe9dc3a6

  • SHA512

    146838f8058ca4507f070a3a3fd10e50242536d1f17288691a44016b8bd03c87cb8ba1d2db984fed792946f1467d0a48a2378c82274ad4b0ce6af484af4ebbb5

  • SSDEEP

    6144:Ye2RVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:YbO4wFHoS04wFHoSrZx8

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2