Extracted

• • Target

    c34e2dbc4eb1e48ce564807a98caee0f96bb5946b8057ce740b357535e8a52cdN.exe

  • Size

    163KB

  • MD5

    d40309ade9a045fc52126881363ab090

  • SHA1

    b44ced8fc3de60043baa257b122ac74842cb3d40

  • SHA256

    c34e2dbc4eb1e48ce564807a98caee0f96bb5946b8057ce740b357535e8a52cd

  • SHA512

    d2c33f1b4f40072a9cc4337c16c3a573256478d51540283a6f3d5c6b8203aeeacdab4e90551303670d55427ac519e7f1c7d08cd885751e312b5269470e173d41

  • SSDEEP

    1536:F+mk+yJCo74EYm31FJSylQtfeX90AtGRhKW+jujAEjh8DTL9GIvg/SylQ7aHbKlF:Lb2YmFFdYgnWAUjWDUIwLyc4F

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2