Extracted

• • Target

    6ac204d97da28173a7899ebb9e4ee1ab3ec61457a6304e19ae52b2b3e2150c64N.exe

  • Size

    64KB

  • MD5

    79303517ce18fe67448b5cdd0b0f58c0

  • SHA1

    fb00bb914821abd18525d83c10100f26b620bb32

  • SHA256

    6ac204d97da28173a7899ebb9e4ee1ab3ec61457a6304e19ae52b2b3e2150c64

  • SHA512

    02bff26d21fe1903a40caf099e6f0ce9fb1f251cc766aaa45a722772fa5dc9717595701de6e515c3bbcad4b3a4d416f9417762a8873bb4e800bd9c4e83b85794

  • SSDEEP

    768:+ta+Nl54s+oNvR3EnUlFlCwE6zV+ul9w9vhNuPs/1H5+h6XJ1IwEGp9ThfzyYsHv:Sa+2oN5cF6zH9QvK6FXUwXfzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2