Extracted

• • Target

    f735d62c3dc875b6e0eefb06aa4efa802cd9fc2e7a363651ca1c2ce995b38a41.exe

  • Size

    512KB

  • MD5

    b79652d5e41de0a2a2081333ba208f84

  • SHA1

    1b6dff91f5de567cb27cb3193157cc46d42af939

  • SHA256

    f735d62c3dc875b6e0eefb06aa4efa802cd9fc2e7a363651ca1c2ce995b38a41

  • SHA512

    14a08dd5b6473656ed4abeaccf0ce0813471366e6a8857b85aece27f1675e661b6d3f7921b3c177d2a005db85fd1c69cb28ddf2e03a093806d5be38a3dee1f38

  • SSDEEP

    6144:dK5jk853XBpnTfwNPbAvjDAcXxxXfY09cnEWPDZ5:zQBpnchWcZ5

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2