Extracted

• • Target

    e83cdf68c340ddfd26f1076b5934644260353646f6375c0d98fb715965c533aeN.exe

  • Size

    232KB

  • MD5

    47ded1af30fb4b7445cbe725d8492d50

  • SHA1

    72dac4a1b603b625c9d33ac9c4d691de16ac5a7a

  • SHA256

    e83cdf68c340ddfd26f1076b5934644260353646f6375c0d98fb715965c533ae

  • SHA512

    a6a3540a9f378f2a4e2f5b9b698a888da4b36c45995d603d512c8182d8248dc83cde8d2ebbbb8667a3d810e8041140881fc666951c08bae14cda57c8efaf2a73

  • SSDEEP

    3072:hYmRH8w7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121TzlbNRfzPadOF:huw6s21L7/s50z/Wa3/PNlPX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2