Extracted

• • Target

    358c365ab498fd99810f65990f03a505b8b1abdf37fdf5b2f65ed5a8b887733e.exe

  • Size

    64KB

  • MD5

    33020f5c451954fcc4ffe1e7f64bccc8

  • SHA1

    5307e612281590047dd600394eef6a0d30e533b3

  • SHA256

    358c365ab498fd99810f65990f03a505b8b1abdf37fdf5b2f65ed5a8b887733e

  • SHA512

    8345f2e76aeb0b2b84fd48e7922570afe38b26465e45ca04685192a91d4d0dba3a2478dcdf93db973b133ec117a4e79ee22b6dd862381c6242dbcd5b4230f246

  • SSDEEP

    1536:TpBfzWg5NnIWOKQBGCaHnEgaDpDPqZXUwXfzw3:quNIWOK0gaDpDPqdPzw3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2