Extracted

• • Target

    05bc425b1093ab4be04892ddeb8aa130d1640d6f584b1540ab75610a6ef858b7N.exe

  • Size

    84KB

  • MD5

    4db807ea359687cd468cf43a74a65480

  • SHA1

    f8d7e4f5958de5cc442d796c56994019029b2bc9

  • SHA256

    05bc425b1093ab4be04892ddeb8aa130d1640d6f584b1540ab75610a6ef858b7

  • SHA512

    d691f7d8b94212953187c496aa8889794100ad15726a95eac9458f24755320c78f488a0df87d67f8e02a017a7e5a25c7a530e724b031c1f8923b54d33f782b2c

  • SSDEEP

    1536:rc0P3OQeCTnISPJpXC7LCV9qQ/cK8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmr:I0NVhILC7/cS3PDyH6n8djlLYR7xrl

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2