Extracted

• • Target

    472e2bf25377b32cc0c37203ea63012ea30eb38ca29926b536efa7a974a2ddb4N.exe

  • Size

    48KB

  • MD5

    8598cc4edf71cc7177b5d840b24bbd70

  • SHA1

    a68bc978c46291500301ef6e53b259aaf46c065c

  • SHA256

    472e2bf25377b32cc0c37203ea63012ea30eb38ca29926b536efa7a974a2ddb4

  • SHA512

    e14df489042cbec4aa9c3a994d77e3cdb7c99863849d11b68842867a96bcc0840520f9fc64ebca94a4af623e111a6b16ba90f7e0045865d4fafa753cb5426796

  • SSDEEP

    768:W2aDrShECF5xctMFmeFinnognwHGmgEL0sS5ReN5QkQUylQLpJTJC+A/l4jqDuMe:W27F5xc+F+0LppU+At4jqDu0m

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2