Extracted

• • Target

    d4224ae82192e6d0f34d83ed7fd881d356dee6d8baf8426a46160a38bc270e96N.exe

  • Size

    512KB

  • MD5

    4aa527816ad919e84c0a551fd3b416b0

  • SHA1

    e440f60a8882ceeadf1cd57619bae677e1a5c6e3

  • SHA256

    d4224ae82192e6d0f34d83ed7fd881d356dee6d8baf8426a46160a38bc270e96

  • SHA512

    7b8292d2908173c05edd09840a6759d7c52a4d0ebfc1013c4f2d74756e558bd7446bd334ee1d4a2374073bb9b175f6ea2c8b2e59bac238826987bb83df864523

  • SSDEEP

    6144:hWHV/t853XBpnTfwNPbAvjDAcXxxXfY09cnEWPDZ:4QBpnchWcZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2