Extracted

• • Target

    1a13af52ab863c151b6b817196538cfb902efdc8c3a60f03453d6851e86d8d0cN.exe

  • Size

    250KB

  • MD5

    fe29147192c3adee017f3b1890894f40

  • SHA1

    69ecb4508cc3e2519898e83d2da7ef9beb48eb85

  • SHA256

    1a13af52ab863c151b6b817196538cfb902efdc8c3a60f03453d6851e86d8d0c

  • SHA512

    8b4a83d556856e69979238d68da112fff659f36a0cddd0481539a44fb2e1b4d5b222c7e23727ae90c64e768e91a61d607d007802b5f94798d8682192f11bfd84

  • SSDEEP

    6144:TW3AvLMZ5vCvfmZ7KRRRGBCvfmZ7KFpNlJTBCvfmZ7d:Td

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2