Extracted

• • Target

    e9277cffa74b123542bfb2386eab76616e5af893461810893d268e700e17e224N.exe

  • Size

    91KB

  • MD5

    b2ba4c03440c76ef2a0a306c88fa96e0

  • SHA1

    473b39d33c7660fa02d549b9a6657799837a4b6e

  • SHA256

    e9277cffa74b123542bfb2386eab76616e5af893461810893d268e700e17e224

  • SHA512

    cf7cc0ae1eda51066d1812bae734fe665f67f8580adb3cef71b3d875a3af0e33fc1bb9b469c9a36cd1d827e88e32bda49c1564206f7dc3a03f3afec940ace47a

  • SSDEEP

    1536:6CB+zhaouvQBVa5uI3tKKdlLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaadhXd45JO:6CBHYja5d7dlLBsLnVUUHyNwtN4/nEBA

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2