Extracted

• • Target

    c5b1b414516b0b0a9fabbaa675bad594e03f23edc0ad92ad48884e13d76ef309.exe

  • Size

    45KB

  • MD5

    64753ddc98d55db64afbe380aac81010

  • SHA1

    0e4561c837461a6ffed12244204d2773e21583bd

  • SHA256

    c5b1b414516b0b0a9fabbaa675bad594e03f23edc0ad92ad48884e13d76ef309

  • SHA512

    08a48ba7a8307bcf259bfcaa708e856aaa48a06efd4681ac5ab0dd10dc30821f9203163e36123b644cbf05b32862ff989ded862d30bf401e573210019336092e

  • SSDEEP

    768:noLjdmxSW9iwKbdmbWFgbOc4cCQcquHBm0M2QACxv+Ft/xJPk/1H57e:noLjOSW9admKFJc1Un1y+FZP6de

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2