Extracted

• • Target

    ab5d2f6f367ef0912c48f836afcfd56d6533d6a1bf3f3d9fc7585e6b75c8651cN.exe

  • Size

    90KB

  • MD5

    d1976ae738ff8a2fe39ba82d767b4b80

  • SHA1

    3aaf46c39210e34755951d399d9d6583228465c8

  • SHA256

    ab5d2f6f367ef0912c48f836afcfd56d6533d6a1bf3f3d9fc7585e6b75c8651c

  • SHA512

    36a54211d3e3233d675fcf7ca4e0cc7946b9eaf409ca5bde0a45e43cd4cc64b3ee2f8e3c992b95279b4fce4f8d1c53b84c1be3b82371e0af1d23fa3f02cae5ed

  • SSDEEP

    1536:jSalIMkc+IIFmcx40fZ5rQN5PzeeKI9yVnQQC4fl8k/7TZP:OalIMk1lFb4IZ5QoeK83T498a7TZP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2