Extracted

• • Target

    d4649f832bbdcf7b4f50d9734cb877d6d6b594b84e6b3f7d58d8c87ae1a2d3d9N.exe

  • Size

    64KB

  • MD5

    c28cbb27bfeef36d9c361b665fa548c0

  • SHA1

    cd1b6e2676d7915980724ad89a0f34515ee068b8

  • SHA256

    d4649f832bbdcf7b4f50d9734cb877d6d6b594b84e6b3f7d58d8c87ae1a2d3d9

  • SHA512

    749ff8fb0f88fe8c9dc4dad8b8920355a628a53827e0d4c018941a13d31f34cb0b85fea2ecb73829224497908a0bc3d425c2387d3e1387707f612310afc370a0

  • SSDEEP

    768:iWFBj18VW/jOp/Oi2IpMFzh4JV+u+59ujG1RBvm3OW0U6b/1H5jG6XJ1IwEGp9TY:xF1Op2IQ18Vy1RBvmNzw9TXUwXfzwd

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2