Extracted

• • Target

    52c72f61951d98dd31ee1a56b5d26a8f23255c52ffd9ea378bb6a62c8d953065.exe

  • Size

    95KB

  • MD5

    4ddf2bd557b75e8a47f8dad2c264b827

  • SHA1

    32d1e5d6c66499f3e87f768648d3dc3e4a607ae8

  • SHA256

    52c72f61951d98dd31ee1a56b5d26a8f23255c52ffd9ea378bb6a62c8d953065

  • SHA512

    ac11ddab51be3ae1fb2622c682b9ea4010f5369a3fb278f3fba702cf39d5bee93422862f5f697c8a616bec93792a8f04ac27cf96f4fd1e0fffef1480d13c3583

  • SSDEEP

    1536:hX3SslhLSXWImenRwe86l1RP/vZWeujcVaRbRQrnRVRoRch1dROrwpOudRirVtFd:p37L4DhnRweFl1RfQHUkeLTWM1dQrTOc

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2